MidnightBSD

Advisories for kaspersky_lab

CVE-2002-2337 MEDIUM

Kaspersky Anti-Hacker 1.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kaspersky_lab kaspersky_anti-hacker 1.0
CVE-2003-1443 MEDIUM

Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
kaspersky_lab kaspersky_anti-virus 4.0.9.0
CVE-2003-1444 MEDIUM

Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
kaspersky_lab kaspersky_anti-virus 4.0.9.0
CVE-2004-0932 HIGH

McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom etrust_ez_antivirus 6.1
broadcom etrust_secure_content_manager 1.0
sophos sophos_anti-virus 3.81
sophos sophos_anti-virus 3.83
broadcom etrust_ez_armor 2.4
sophos sophos_anti-virus 3.79
broadcom etrust_ez_antivirus 6.3
rav_antivirus rav_antivirus_desktop 8.6
broadcom brightstor_arcserve_backup 11.1
sophos sophos_anti-virus 3.85
broadcom etrust_antivirus 7.0
eset_software nod32_antivirus 1.0.12
rav_antivirus rav_antivirus_for_file_servers 1.0
eset_software nod32_antivirus 1.0.13
gentoo linux 1.4
broadcom etrust_ez_armor 2.0
sophos sophos_puremessage_anti-virus 4.6
mcafee antivirus_engine 4.3.20
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.80
sophos sophos_anti-virus 3.4.6
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.86
eset_software nod32_antivirus 1.0.11
broadcom etrust_antivirus_gateway 7.0
sophos sophos_anti-virus 3.84
sophos sophos_anti-virus 3.78
broadcom etrust_intrusion_detection 1.4.1.13
kaspersky_lab kaspersky_anti-virus 4.0
suse suse_linux 9.2
broadcom etrust_intrusion_detection 1.5
archive_zip archive_zip 1.13
gentoo linux *
broadcom etrust_intrusion_detection 1.4.5
broadcom inoculateit 6.0
broadcom etrust_antivirus 7.1
broadcom etrust_secure_content_manager 1.1
ca etrust_antivirus 7.0_sp2
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_armor 2.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.78d
ca etrust_secure_content_manager 1.0
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus_gateway 7.1
mandrakesoft mandrake_linux 10.1
broadcom etrust_ez_antivirus 6.2
CVE-2004-0933 HIGH

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom etrust_ez_antivirus 6.1
broadcom etrust_secure_content_manager 1.0
sophos sophos_anti-virus 3.81
sophos sophos_anti-virus 3.83
broadcom etrust_ez_armor 2.4
sophos sophos_anti-virus 3.79
broadcom etrust_ez_antivirus 6.3
rav_antivirus rav_antivirus_desktop 8.6
broadcom brightstor_arcserve_backup 11.1
sophos sophos_anti-virus 3.85
broadcom etrust_antivirus 7.0
eset_software nod32_antivirus 1.0.12
rav_antivirus rav_antivirus_for_file_servers 1.0
eset_software nod32_antivirus 1.0.13
gentoo linux 1.4
broadcom etrust_ez_armor 2.0
sophos sophos_puremessage_anti-virus 4.6
mcafee antivirus_engine 4.3.20
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.80
sophos sophos_anti-virus 3.4.6
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.86
eset_software nod32_antivirus 1.0.11
broadcom etrust_antivirus_gateway 7.0
sophos sophos_anti-virus 3.84
sophos sophos_anti-virus 3.78
broadcom etrust_intrusion_detection 1.4.1.13
kaspersky_lab kaspersky_anti-virus 4.0
suse suse_linux 9.2
broadcom etrust_intrusion_detection 1.5
archive_zip archive_zip 1.13
gentoo linux *
broadcom etrust_intrusion_detection 1.4.5
broadcom inoculateit 6.0
broadcom etrust_antivirus 7.1
broadcom etrust_secure_content_manager 1.1
ca etrust_antivirus 7.0_sp2
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_armor 2.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.78d
ca etrust_secure_content_manager 1.0
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus_gateway 7.1
mandrakesoft mandrake_linux 10.1
broadcom etrust_ez_antivirus 6.2
CVE-2004-0934 HIGH

Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom etrust_ez_antivirus 6.1
broadcom etrust_secure_content_manager 1.0
sophos sophos_anti-virus 3.81
sophos sophos_anti-virus 3.83
broadcom etrust_ez_armor 2.4
sophos sophos_anti-virus 3.79
broadcom etrust_ez_antivirus 6.3
rav_antivirus rav_antivirus_desktop 8.6
broadcom brightstor_arcserve_backup 11.1
sophos sophos_anti-virus 3.85
broadcom etrust_antivirus 7.0
eset_software nod32_antivirus 1.0.12
rav_antivirus rav_antivirus_for_file_servers 1.0
eset_software nod32_antivirus 1.0.13
gentoo linux 1.4
broadcom etrust_ez_armor 2.0
sophos sophos_puremessage_anti-virus 4.6
mcafee antivirus_engine 4.3.20
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.80
sophos sophos_anti-virus 3.4.6
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.86
eset_software nod32_antivirus 1.0.11
broadcom etrust_antivirus_gateway 7.0
sophos sophos_anti-virus 3.84
sophos sophos_anti-virus 3.78
broadcom etrust_intrusion_detection 1.4.1.13
kaspersky_lab kaspersky_anti-virus 4.0
suse suse_linux 9.2
broadcom etrust_intrusion_detection 1.5
archive_zip archive_zip 1.13
gentoo linux *
broadcom etrust_intrusion_detection 1.4.5
broadcom inoculateit 6.0
broadcom etrust_antivirus 7.1
broadcom etrust_secure_content_manager 1.1
ca etrust_antivirus 7.0_sp2
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_armor 2.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.78d
ca etrust_secure_content_manager 1.0
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus_gateway 7.1
mandrakesoft mandrake_linux 10.1
broadcom etrust_ez_antivirus 6.2
CVE-2004-0935 HIGH

Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom etrust_ez_antivirus 6.1
broadcom etrust_secure_content_manager 1.0
sophos sophos_anti-virus 3.81
sophos sophos_anti-virus 3.83
broadcom etrust_ez_armor 2.4
sophos sophos_anti-virus 3.79
broadcom etrust_ez_antivirus 6.3
rav_antivirus rav_antivirus_desktop 8.6
broadcom brightstor_arcserve_backup 11.1
sophos sophos_anti-virus 3.85
broadcom etrust_antivirus 7.0
eset_software nod32_antivirus 1.0.12
rav_antivirus rav_antivirus_for_file_servers 1.0
eset_software nod32_antivirus 1.0.13
gentoo linux 1.4
broadcom etrust_ez_armor 2.0
sophos sophos_puremessage_anti-virus 4.6
mcafee antivirus_engine 4.3.20
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.80
sophos sophos_anti-virus 3.4.6
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.86
eset_software nod32_antivirus 1.0.11
broadcom etrust_antivirus_gateway 7.0
sophos sophos_anti-virus 3.84
sophos sophos_anti-virus 3.78
broadcom etrust_intrusion_detection 1.4.1.13
kaspersky_lab kaspersky_anti-virus 4.0
suse suse_linux 9.2
broadcom etrust_intrusion_detection 1.5
archive_zip archive_zip 1.13
gentoo linux *
broadcom etrust_intrusion_detection 1.4.5
broadcom inoculateit 6.0
broadcom etrust_antivirus 7.1
broadcom etrust_secure_content_manager 1.1
ca etrust_antivirus 7.0_sp2
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_armor 2.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.78d
ca etrust_secure_content_manager 1.0
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus_gateway 7.1
mandrakesoft mandrake_linux 10.1
broadcom etrust_ez_antivirus 6.2
CVE-2004-0936 HIGH

RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom etrust_ez_antivirus 6.1
broadcom etrust_secure_content_manager 1.0
sophos sophos_anti-virus 3.81
sophos sophos_anti-virus 3.83
broadcom etrust_ez_armor 2.4
sophos sophos_anti-virus 3.79
broadcom etrust_ez_antivirus 6.3
rav_antivirus rav_antivirus_desktop 8.6
broadcom brightstor_arcserve_backup 11.1
sophos sophos_anti-virus 3.85
broadcom etrust_antivirus 7.0
eset_software nod32_antivirus 1.0.12
rav_antivirus rav_antivirus_for_file_servers 1.0
eset_software nod32_antivirus 1.0.13
gentoo linux 1.4
broadcom etrust_ez_armor 2.0
sophos sophos_puremessage_anti-virus 4.6
mcafee antivirus_engine 4.3.20
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.80
sophos sophos_anti-virus 3.4.6
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.86
eset_software nod32_antivirus 1.0.11
broadcom etrust_antivirus_gateway 7.0
sophos sophos_anti-virus 3.84
sophos sophos_anti-virus 3.78
broadcom etrust_intrusion_detection 1.4.1.13
kaspersky_lab kaspersky_anti-virus 4.0
suse suse_linux 9.2
broadcom etrust_intrusion_detection 1.5
archive_zip archive_zip 1.13
gentoo linux *
broadcom etrust_intrusion_detection 1.4.5
broadcom inoculateit 6.0
broadcom etrust_antivirus 7.1
broadcom etrust_secure_content_manager 1.1
ca etrust_antivirus 7.0_sp2
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_armor 2.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.78d
ca etrust_secure_content_manager 1.0
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus_gateway 7.1
mandrakesoft mandrake_linux 10.1
broadcom etrust_ez_antivirus 6.2
CVE-2004-0937 HIGH

Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom etrust_ez_antivirus 6.1
broadcom etrust_secure_content_manager 1.0
sophos sophos_anti-virus 3.81
sophos sophos_anti-virus 3.83
broadcom etrust_ez_armor 2.4
sophos sophos_anti-virus 3.79
broadcom etrust_ez_antivirus 6.3
rav_antivirus rav_antivirus_desktop 8.6
broadcom brightstor_arcserve_backup 11.1
sophos sophos_anti-virus 3.85
broadcom etrust_antivirus 7.0
eset_software nod32_antivirus 1.0.12
rav_antivirus rav_antivirus_for_file_servers 1.0
eset_software nod32_antivirus 1.0.13
gentoo linux 1.4
broadcom etrust_ez_armor 2.0
sophos sophos_puremessage_anti-virus 4.6
mcafee antivirus_engine 4.3.20
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.80
sophos sophos_anti-virus 3.4.6
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.86
eset_software nod32_antivirus 1.0.11
broadcom etrust_antivirus_gateway 7.0
sophos sophos_anti-virus 3.84
sophos sophos_anti-virus 3.78
broadcom etrust_intrusion_detection 1.4.1.13
kaspersky_lab kaspersky_anti-virus 4.0
suse suse_linux 9.2
broadcom etrust_intrusion_detection 1.5
archive_zip archive_zip 1.13
gentoo linux *
broadcom etrust_intrusion_detection 1.4.5
broadcom inoculateit 6.0
broadcom etrust_antivirus 7.1
broadcom etrust_secure_content_manager 1.1
ca etrust_antivirus 7.0_sp2
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_armor 2.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.78d
ca etrust_secure_content_manager 1.0
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus_gateway 7.1
mandrakesoft mandrake_linux 10.1
broadcom etrust_ez_antivirus 6.2
CVE-2004-1096 HIGH

Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
broadcom etrust_ez_antivirus 6.1
broadcom etrust_secure_content_manager 1.0
sophos sophos_anti-virus 3.81
sophos sophos_anti-virus 3.83
broadcom etrust_ez_armor 2.4
sophos sophos_anti-virus 3.79
broadcom etrust_ez_antivirus 6.3
rav_antivirus rav_antivirus_desktop 8.6
broadcom brightstor_arcserve_backup 11.1
sophos sophos_anti-virus 3.85
broadcom etrust_antivirus 7.0
eset_software nod32_antivirus 1.0.12
rav_antivirus rav_antivirus_for_file_servers 1.0
eset_software nod32_antivirus 1.0.13
gentoo linux 1.4
broadcom etrust_ez_armor 2.0
sophos sophos_puremessage_anti-virus 4.6
mcafee antivirus_engine 4.3.20
kaspersky_lab kaspersky_anti-virus 5.0
sophos sophos_anti-virus 3.80
sophos sophos_anti-virus 3.4.6
sophos sophos_small_business_suite 1.0
sophos sophos_anti-virus 3.86
eset_software nod32_antivirus 1.0.11
broadcom etrust_antivirus_gateway 7.0
sophos sophos_anti-virus 3.84
sophos sophos_anti-virus 3.78
broadcom etrust_intrusion_detection 1.4.1.13
kaspersky_lab kaspersky_anti-virus 4.0
suse suse_linux 9.2
broadcom etrust_intrusion_detection 1.5
gentoo linux *
broadcom etrust_intrusion_detection 1.4.5
broadcom inoculateit 6.0
broadcom etrust_antivirus 7.1
broadcom etrust_secure_content_manager 1.1
ca etrust_antivirus 7.0_sp2
kaspersky_lab kaspersky_anti-virus 3.0
broadcom etrust_ez_armor 2.3
sophos sophos_anti-virus 3.82
sophos sophos_anti-virus 3.78d
ca etrust_secure_content_manager 1.0
rav_antivirus rav_antivirus_for_mail_servers 8.4.2
broadcom etrust_antivirus_gateway 7.1
mandrakesoft mandrake_linux 10.1
broadcom etrust_ez_antivirus 6.2
CVE-2005-1905 HIGH

The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kaspersky_lab kaspersky_anti-virus_personal 5.0.227
kaspersky_lab kaspersky_anti-virus 5.0.335
kaspersky_lab kaspersky_anti-virus_personal 5.0.325
kaspersky_lab kaspersky_anti-virus 5.0.227
kaspersky_lab kaspersky_anti-virus 5.0.228
kaspersky_lab kaspersky_anti-virus_personal 5.0.228
CVE-2005-2582 LOW

Kaspersky Anti-Virus for Unix/Linux File Servers 5.0-5 uses world-writable permissions for the (1) log and (2) license directory, which allows local users to delete log files, append to arbitrary files via a symlink attack on kavmonitor.log, or delete license keys and prevent keepup2date from properly executing.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kaspersky_lab kaspersky_anti-virus 5.0.5
CVE-2005-3142 HIGH

Heap-based buffer overflow in Kaspersky Antivirus (KAV) 5.0 and Kaspersky Personal Security Suite 1.1 allows remote attackers to execute arbitrary code via a CAB file with large records after the header.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kaspersky_lab kaspersky_anti-virus_personal_pro 5.0
kaspersky_lab kaspersky_anti-virus_personal 5.0
kaspersky_lab kaspersky_anti-virus 5.0
kaspersky_lab kaspersky_personal_security_suite 1.1
CVE-2005-3210 MEDIUM

Multiple interpretation error in unspecified versions of Kaspersky Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kaspersky_lab kaspersky_anti-virus *
CVE-2005-3376 MEDIUM

Multiple interpretation error in Kaspersky 5.0.372 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kaspersky_lab kaspersky_anti-virus 5.0.372
CVE-2005-3663 HIGH

Unquoted Windows search path vulnerability in Kaspersky Anti-Virus 5.0 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kaspersky_lab kaspersky_anti-virus 5.0
CVE-2005-3664 HIGH

Heap-based buffer overflow in Kaspersky Anti-Virus Engine, as used in Kaspersky Personal 5.0.227, Anti-Virus On-Demand Scanner for Linux 5.0.5, and F-Secure Anti-Virus for Linux 4.50 allows remote attackers to execute arbitrary code via a crafted CHM file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kaspersky_lab kaspersky_anti-virus_personal 5.0.227
f-secure f-secure_anti-virus 4.50
kaspersky_lab kaspersky_anti-virus 5.0.5
CVE-2006-1091 HIGH

Kaspersky Antivirus 5.0.5 and 5.5.3 allows remote attackers to cause a denial of service (CPU and memory consumption) via unknown attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
kaspersky_lab kaspersky_anti-virus 5.5.3
kaspersky_lab kaspersky_anti-virus 5.0.5