[CLOSE] OSVDB ID : 73448 - Disclosed: 2011-06-12

Description:

(Description Provided by CVE) : Frams's Fast File EXchange (F*EX, aka fex) 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID.

[CLOSE] OSVDB ID : 4183 - Disclosed: 2004-03-10

Description:

(Description Provided by CVE) : Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FASV.

[CLOSE] OSVDB ID : 36725 - Disclosed: 2007-05-30

Description:

(Description Provided by CVE) : Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.

[CLOSE] OSVDB ID : 34764 - Disclosed: 2007-03-18

Description:

(Description Provided by CVE) : Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page.

[CLOSE] OSVDB ID : 36728 - Disclosed: 2007-06-19

Description:

(Description Provided by CVE) : Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.

[CLOSE] OSVDB ID : 36729 - Disclosed: 2007-06-19

Description:

(Description Provided by CVE) : Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070619 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.

[CLOSE] OSVDB ID : 22633 - Disclosed: 2006-01-19

Description:

F-Secure Anti Virus products contain a flaw that may allow malicious code to bypass the scanning engine. The issue is triggered when specially crafted RAR or ZIP archives are processed by the scanning engine, resulting in a loss of integrity.

[CLOSE] OSVDB ID : 19913 - Disclosed: 2005-10-10

Description:

A remote overflow exists in F-Secure Anti-Virus for Linux. The Anti-Virus engine fails to perform proper bounds checking resulting in a heap-based buffer overflow. With a specially crafted CHM file, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

[CLOSE] OSVDB ID : 9818 - Disclosed: 2004-09-09

Description:

F-Secure Anti-Virus for Microsoft Exchange contains a flaw that may allow a remote denial of service. The issue is triggered due to the parsing of malformed packets on port 18,971, which causes the application to crash with an access violation error and will result in loss of availability for the server.

[CLOSE] OSVDB ID : 11395 - Disclosed: 2004-11-03

Description:

F-Secure Anti-Virus for Microsoft Exchange contains a flaw that may allow a malicious user to bypass anti-virus protection. The issue may be triggered by nesting a malicious password-protected file inside a ZIP archive. The flaw is not directly exploitable but may lead to a more serious impact.

[CLOSE] OSVDB ID : 4962 - Disclosed: 2004-04-06

Description:

F-Secure for MIMEsweeper contains a flaw that may allow a malicious worm to avoid detection. The issue is triggered when a Sober.D worm propagates itself in a zip file. It is possible that the flaw may allow malicious code to pass resulting in a loss of confidentiality, integrity, and/or availability.

[CLOSE] OSVDB ID : 41377 - Disclosed: 2007-09-27

Description:

(Description Provided by CVE) : F-Secure Anti-Virus for Windows Servers 7.0 64-bit edition allows local users to bypass virus scanning by using the system32 directory to store a crafted (1) archive or (2) packed executable. NOTE: in many environments, this does not cross privilege boundaries because any process able to write to system32 could also shut off F-Secure Anti-Virus.

[CLOSE] OSVDB ID : 36726 - Disclosed: 2007-05-30

Description:

(Description Provided by CVE) : Multiple F-Secure anti-virus products for Microsoft Windows and Linux before 20070522 allow remote attackers to cause a denial of service (file scanning infinite loop) via certain crafted (1) ARJ archives or (2) FSG packed files.

[CLOSE] OSVDB ID : 20552 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named diag.cgi in the current working directory, and executes the SUID script diag_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20549 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named dns.cgi in the current working directory, and executes the SUID script dns_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20539 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named edittmpl.cgi in the current working directory, and executes the SUID script edittmpl_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20544 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named edituserdb.cgi in the current working directory, and executes the SUID script edituserdb_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20542 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named gateway.cgi in the current working directory, and executes the SUID script gateway_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20543 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named halt.cgi in the current working directory, and executes the SUID script halt_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20541 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named hostname.cgi in the current working directory, and executes the SUID script hostname_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20545 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named htpasswd.cgi in the current working directory, and executes the SUID script htpasswd_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20513 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named ifconfig.cgi in the current working directory, and executes the SUID script ifconfig_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20548 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named iptables.cgi in the current working directory, and executes the SUID script iptables_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20547 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named license.cgi in the current working directory, and executes the SUID script license_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20550 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named pattern_autoup.cgi in the current working directory, and executes the SUID script pattern_autoup_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20546 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named pattern_up.cgi in the current working directory, and executes the SUID script pattern_up_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20538 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named proxy.cgi in the current working directory, and executes the SUID script proxy_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20537 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named reboot.cgi in the current working directory, and executes the SUID script reboot_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20551 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named spam_list.cgi in the current working directory, and executes the SUID script spam_list_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.

[CLOSE] OSVDB ID : 20540 - Disclosed: 2005-11-07

Description:

F-Secure Anti-Virus Internet Gatekeeper for Linux and F-Secure Anti-Virus Linux Gateway contain a flaw that may allow a malicious local user to elevate privileges to root. The issue is triggered when a user creates a malicious script named version.cgi in the current working directory, and executes the SUID script version_suid.cgi using its full path. The SUID script will execute the malicious script because it looks for it in the working directory. This flaw may lead to a loss of integrity.