Multiple HAURI Anti-Virus products contain a flaw that allows a remote attacker to overwrite arbitrary files. The issue is due to unsafe extraction of compressed archives into a temporary directory before scanning which can be used to write files into arbitrary directories when scanning, specifically a malicious archive containing files that have "../../" directory sequences in their filenames, resulting a loss of integrity.

Currently, there are no known workarounds or upgrades to correct this issue. Vendor has released a patch to address this vulnerability, however the updated version obtained available via online update is still vulnerable when scanning certain archive types.

• Security Tracker: 1014740
• Secunia Advisory ID: 15846
• CVE ID: 2005-2670 (see also: NVD)
• Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0664.html
  http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0700.html
• Other Advisory URL: http://secunia.com/secunia_research/2005-24/advisory/
• Vendor URL: http://www.globalhauri.com/
• Vendor Specific Solution URL: http://www.globalhauri.com/html/download/down_unixpatch.html

• Tan Chew Keong - vulnsecunia.com - Secunia Research