This post was last edited by pal家族 on 2015-11-20 13:05
https://support.kaspersky.com/vulnerability.aspx?el=12430#block1
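This page seems to have been set up only recently; it publishes the vulnerabilities found in Kaspersky software.
Earlier, the Russians very honestly published all the limitations under Win10, and got roasted for it!!
This time Kaspersky has come up with this thing; so far it lists three vulnerabilities.
Everyone remember this name: Tavis Ormandy. This guy has been professionally digging up Kaspersky vulnerabilities for 100 years......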
![](http://a.kafan.cn/image/hrline/1.gif)
November update
Two new vulnerabilities added
Advisory issued on 16th November, 2015
Description
Kaspersky Lab has fixed a number of vulnerabilities found by Mr. Tavis Ormandy:
- ACL on Kaspersky's directory allowed unprivileged users to create a new file in ProgramData system folder. This could be used by attackers with access to a host in order to create a malicious file that might be then loaded by Antivirus process. CVSS score of this vulnerability is 4.1 (AV:L/AC:M/Au:S/C:P/I:P/A:P).
- X.509 certificates handling was vulnerable to path traversal attack. This could be used by attacker to create a certificate file outside the temporary folder where they are stored during the time of validation. After certificate validation the file is deleted. In order to exploit the vulnerability an attacker could convince users to visit a web site with a specially crafted X.509 certificate. CVSS score of 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N).
- Virtual Keyboard functionality was vulnerable to a path traversal attack. This could be used by attackers with access to a host to read any PNG file on disk C. CVSS score of 1.5 (AV:L/AC:M/Au:S/C:P/I:N/A:N).
List of affected products
Kaspersky Anti-Virus: 2014, 2015, 2016
Kaspersky Internet Security: 2014, 2015, 2016
Kaspersky Total Security: 2015, 2016
Fixed Versions
Kaspersky Anti-Virus 2016
Kaspersky Internet Security 2016
Kaspersky Total Security 2016
The fixes are included in the autoupdated patch built in the latest product versions that were released on November, 10. To apply the fixes, please update your products to the latest versions.
Acknowledgments
We would like to extend our thanks to Tavis Ormandy for reporting these bugs to Kaspersky Lab.
![](http://a.kafan.cn/image/hrline/1.gif)
Advisory issued on 16th November, 2015
Description
Kaspersky Lab has identified that the below mentioned products are susceptible to memory corruptions while scanning malformed files of RAR and ZIP formats. These vulnerabilities have maximum security impact of remote code execution and could corrupt memory this way: an attacker could execute arbitrary code in the context of the Antivirus process. In order to exploit the vulnerabilities an attacker has to convince user to upload a maliciously malformed ZIP or RAR file from external resources. This, for example, might be done by convincing a user to download a malicious file from a specially crafted website or by sending them a malicious file via e-mail. Memory corruptions can possibly occur while scanning this file. The fix addresses the vulnerabilities by modifying processing of malformed RAR and ZIP files.
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
List of affected products
Kaspersky Anti-Virus for Lotus Domino: 8.2
Kaspersky Linux Mail Security: 8.0, 8.0.1
Kaspersky Security for Mail Gateway: 1.0
Kaspersky Anti-Virus for Proxy Server: 5.5
Kaspersky Security for Virtualization Agentless: 1.1.0.79, 2.0.0.34, 2.0.0.69, 3.0.0.92, 3.1.0.77
Kaspersky Anti-Virus: 2013, 2014, 2015
Kaspersky Internet Security: 2013, 2014, 2015
Kaspersky PURE 3
Kaspersky Small Office Security 3
Kaspersky Endpoint Security for Windows: 10, 10 MR1, 10 SP1
Kaspersky Endpoint Security for Windows: 8, 8 CF1, 8 CF2
Kaspersky Anti-Virus 6.0 R2 for Windows Workstations: 6 MP4 CF1 and CF2
Kaspersky Security for SharePoint Server: 8.0 mp1, 8.0 mp1cf1, 9.0, 9.0 mp1, 9.0
Kaspersky Security for Microsoft Exchange Server: 8.3, 8.6.79, 9.0.129, 9.1.42, 9.2.39
Kaspersky Anti-Virus for Lotus Domino: 8.2
Kaspersky Anti-Virus for Windows Servers EE: 8 TR, SP1, SP2, 10
Kaspersky Anti-Virus for Linux File Servers: 8.0.1.145, 8.0.2.256, 8.0.2.256, 8.0.3.265
Kaspersky Endpoint Security for Linux: 8.0.0.35, 8.1.0.50
Fixed Versions
The fix is included in the autoupdated modules that were released on 13 November, 2015 for all the products listed above.
Acknowledgments
We would like to extend our thanks to Tavis Ormandy for reporting these bugs to Kaspersky Lab.
![](http://a.kafan.cn/image/hrline/1.gif)
Original post content
Advisory issued on 9th October, 2015
Description:
Corrected conditions for blacklisting hosts by Network Attack Blocker.
List of affected products:
All products with Network Attack Blocker functionality, including
Kaspersky Internet Security 2015
Kaspersky Endpoint Security 8 and 10
Kaspersky Total Security 2016
Kaspersky Small Office Security 2015
Fixed Versions:
The fix is included in the autoupdated modules that were released on 6 October 2015.
Acknowledgments:
We would like to thank Mr. Tavis Ormandy for his research.
![](http://a.kafan.cn/image/hrline/1.gif)
Advisory issued on 2nd October, 2015
Description:
- The administration password for protecting product configuration was stored in the registry as a raw, unsalted MD5 hash value.
- There was a possibility of bypassing the password-based authentication for the configuration of protection settings.
Taking advantage of either of these flaws would require local access to the system in which our products were installed.
List of affected products:
Kaspersky Internet Security 2015
Kaspersky Anti-Virus 2015
Kaspersky Endpoint Security 8 CF2 (8.1.0.1042), 10 MR1 (10.2.1.23)
Kaspersky Total Security 2015
Kaspersky Small Office Security 2013, 2015
Fixed Versions:
Kaspersky Internet Security 2016
Kaspersky Anti-Virus 2016
Kaspersky Endpoint Security 10 SP1MR1 (10.2.2.10535)
Kaspersky Total Security 2016
Acknowledgments:
We would like to extend our thanks to Matthias Deeg and Sven Freund at SySS GmbH for reporting these flaws to Kaspersky Lab.
![](http://a.kafan.cn/image/hrline/1.gif)
Advisory issued on 22nd September, 2015
Description:
Kaspersky Lab has fixed a number of bugs that were leading to the memory corruption, while parsing malformed files of the following formats: DEX, VB6, CHM, ExeCryptor, PE, "Yoda's Protector", and some other modified malicious files. The code in Kaspersky Lab’s Antivirus products had not been correctly handling malformed data that could cause integer and buffer overflows.
List of products where this vulnerability has been found:
Kaspersky Internet Security 2015
Kaspersky Anti-Virus 2015
Kaspersky Endpoint Security 10 SP1MR1
Kaspersky Total Security 2015
Kaspersky Security for Virtualization 3.0
Issue date for a fix or patch:
The fix is included in the autoupdated modules that were released on 13 September 2015.
Acknowledgments:
We would like to thank Mr. Tavis Ormandy for his research. Kaspersky Lab has always supported the assessment of our solutions by independent experts. Their efforts help us to make our solutions stronger, more productive and more reliable.
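The two path traversal items in the 16 November advisory (X.509 certificate files written to a temporary folder, and the Virtual Keyboard reading PNG files) share one root cause: a file name taken from untrusted input is joined to a base directory without a containment check. The sketch below is an added example, not part of the original post and not Kaspersky's fix; the function names, the `.cer` suffix and the sample names are assumptions made for illustration.

```python
import hashlib
from pathlib import Path


class UnsafePath(ValueError):
    """An untrusted name would resolve outside the base directory."""


def contained_path(base_dir, untrusted_name):
    """Return base_dir/untrusted_name only if it is a plain file name in base_dir."""
    if not untrusted_name or "\x00" in untrusted_name:
        raise UnsafePath("empty name or NUL byte")
    # Split on both separators regardless of host OS, so "..\\..\\x" is caught
    # on POSIX too. ":" blocks drive-relative names and NTFS stream syntax.
    parts = untrusted_name.replace("\\", "/").split("/")
    if len(parts) != 1 or parts[0] in (".", "..") or ":" in parts[0]:
        raise UnsafePath(f"path components not allowed: {untrusted_name!r}")
    base = Path(base_dir).resolve()
    candidate = (base / parts[0]).resolve()
    # Defence in depth: re-check after symlinks have been resolved.
    if candidate.parent != base:
        raise UnsafePath(f"escapes base directory: {untrusted_name!r}")
    return candidate


def content_addressed_path(base_dir, data, suffix=".cer"):
    """Preferred design: ignore the supplied name and name the file by its hash."""
    return Path(base_dir).resolve() / (hashlib.sha256(data).hexdigest() + suffix)


# Constructed sample names (not taken from the advisory).
SAMPLES = ["issuer01.cer", "../../x.cer", "..\\..\\x.cer", "C:x.cer", "sub/ok.cer", ".."]


def classify(base_dir, names=SAMPLES):
    """Map each name to 'ok' or 'rejected' according to contained_path()."""
    result = {}
    for name in names:
        try:
            contained_path(base_dir, name)
            result[name] = "ok"
        except UnsafePath:
            result[name] = "rejected"
    return result
```

Of the constructed samples only `issuer01.cer` is accepted; naming the file by content hash removes the attacker-controlled name from the path entirely.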
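The 2 October advisory says the administration password was stored as a raw, unsalted MD5 hash. The added example below (not part of the original post and not Kaspersky's actual fix) puts that scheme beside a salted, iterated record to show the difference: the same password always yields the same MD5 value, while the salted record differs per installation. The record format, the choice of PBKDF2-HMAC-SHA256 and the iteration count are assumptions.

```python
import hashlib
import hmac
import os


def md5_record(password):
    """The weak scheme the advisory describes: raw, unsalted MD5 (hex)."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def kdf_record(password, *, salt=None, iterations=600_000):
    """Hardened record: random per-install salt plus PBKDF2-HMAC-SHA256."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # Hypothetical storage format: scheme$iterations$salt$derived_key
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify(password, record):
    """Check a password against a kdf_record() string in constant time."""
    try:
        scheme, iters, salt_hex, dk_hex = record.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        expected = bytes.fromhex(dk_hex)
        actual = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iters)
        )
    except (ValueError, OverflowError):
        return False  # malformed or legacy record: fail closed
    return hmac.compare_digest(actual, expected)


def compare_schemes(password, iterations=600_000):
    """Return (md5_identical, kdf_identical) for two installs sharing a password."""
    md5_same = md5_record(password) == md5_record(password)
    kdf_same = kdf_record(password, iterations=iterations) == kdf_record(
        password, iterations=iterations
    )
    return md5_same, kdf_same
```

`compare_schemes()` returns `(True, False)`: identical MD5 records can be matched against precomputed tables, whereas each salted record has to be attacked on its own at the cost of the full iteration count.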