查看: 3638|回复: 10
收起左侧

[转帖] 紧急:NOD32 2.70.37.0暴远程缓冲溢出漏洞!

[复制链接]
fanrubin
头像被屏蔽
发表于 2007-6-4 09:47:01 | 显示全部楼层 |阅读模式
Original release date: 5/24/2007 :_ ^KL>X
Last revised: 5/29/2007
("9 a7c0
Source: US-CERT/NIST
Ma%f 4iS
X ; z|/
(s0(QIofQ
Overview
aB3Ay}P
P,-VcG?
Multiple stack-based buffer overflows in ESET NOD32 Antivirus before 2.70.37.0 allow remote attackers to execute arbitrary code during (1) delete/disinfect or (2) rename operations via a crafted directory name.
h|Ayni*A
H<| s2~
+H >bUwSi
Impact
Uj.A~unh
5A BPc6!
CVSS Severity: 8.0 (High)
W2N|+Ws
Range: Remotely exploitable
X4i#otevv|
Authentication: Not required to exploit
cU)xhH0h
Impact Type: Provides administrator access, Allows complete confidentiality, integrity, and availability violation
#*bc0"Bu
`Y;XhQ
]? bm
References to Advisories, Solutions, and Tools
Tz8'lpiRL
 'C$O!9
External Source: FRSIRT (disclaimer)
V6jPyWQCUd
Z|T }lZ
Name: ADV-2007-1911
_B6{f K-
dJr~D8Wf
Type: Advisory , Patch Information
G%y}/V+
Hyperlink:
http://www.frsirt.com/english/advisories/2007/1911 Swryb8$n
Q Rw7m
,Sx\hn[VHM
External Source: SECUNIA (disclaimer)
19I/9)'o
S5plO
Name: 25375
)E, H ymm
?;GAz'$`
Type: Advisory , Patch Information
oQ*uM< m
Hyperlink:
http://secunia.com/advisories/25375 Dg0OZ$(l
%I$@9tZ>
&_E54Oaf
External Source: BID (disclaimer)
" 3>f0SZ
z dx1Z !I
Name: 24098
&"K_GG"me
S\YcX~_o]
Hyperlink:
http://www.securityfocus.com/bid/24098 +.4GGuqA[
+8<!+O
:G)B; 3l
External Source: BUGTRAQ (disclaimer)
A$_%)Wn5
w6<U'Rl
Name: 20070521 NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities
i]]Ln
bzl1wTy
Hyperlink:
http://www.securityfocus.com/archive/1/archive/1/469300/100/0/threaded \9Nfk_
1_ }`Hi_ 8
.c61g3s
External Source: (disclaimer)
Vw76% B`
+=}3L>1Gdq
Type: Advisory
yt]""3iW`
Hyperlink:
http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt J)ZgS.GW
.o7p8.{
]6|aEw=E
External Source: (disclaimer)
8]1C}L/L;
L[P*eT M
Hyperlink:
http://www.eset.com/support/news.php 8PU|}o&G
6~hP7A@
:( Dv&
Vulnerable software and versions
kiv -*J
l|6<= SF
Configuration 1
!vBBf*?B0`
− Eset Software, NOD32 Antivirus, 2.70.37.0
EveH:/)F
{@b\mH!a
(]L6{j+h W
3[e ?(4c
Technical Details
%v%57Dp
OOEQ8:3u}
CVSS Base Score Vector: (AV:R/AC:H/Au:NR/C:C/I:C/A:C/B:N) (legend)
LXY=`rx@
A 6YwkC"d
Vulnerability Type: Buffer Overflow
s4<
_yH1!2LY
6zCi_O 9n
CVE Standard Vulnerability Entry:
ujQ/Y(!
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2852 OY=I|fQL@
Q*iu:/"j
(F[Rr7H
Common Platform Enumeration:
!qE]E2:7
http://nvd.nist.gov/cpe.cfm?cvename=CVE-2007-2852
The EQs
发表于 2007-6-4 09:51:32 | 显示全部楼层
很早的新闻了。。。。eset在发布前已经更新到了39.。。修复了这个问题
hlm444
发表于 2007-6-4 09:58:47 | 显示全部楼层
楼住转的不是时候啊
呵呵  39解决这个问题了
傻猪猪米走鸡
发表于 2007-6-4 12:11:47 | 显示全部楼层
支持!多点提供蟹更新的情报
hahacomcn
发表于 2007-6-4 12:24:38 | 显示全部楼层
还是很不错的,至少提醒了一下。
Nerazzurri
发表于 2007-6-4 12:36:58 | 显示全部楼层
恩~~感谢楼主,提醒了使用者更新。
sasan210
头像被屏蔽
发表于 2007-6-4 13:32:42 | 显示全部楼层
汗,看到后把32更新到39了。。。。
kn88
发表于 2007-6-4 14:00:53 | 显示全部楼层
终于见到传说在的火星人了.
hj5abc
发表于 2007-6-4 18:59:04 | 显示全部楼层
ms会利用杀软BUG的病毒不多吧 ..而且还是NOD32..
期待下一个版本..
bojinov
发表于 2007-6-4 21:03:02 | 显示全部楼层
都更新至39了

这个就是那么快更新到39的原因吧
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2024-11-24 08:41 , Processed in 0.130209 second(s), 17 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表