

Product Security

FSC-2006-3: Buffer overflow in Web Console of F-Secure Anti-Virus

 

Brief Description

There is a buffer overflow vulnerability in the Web Console that occurs before authentication takes place. The overflow may crash the Web Console process, and it may be possible to execute arbitrary code with this vulnerability. By default, connections are only allowed from the local host. There are currently no known exploits. To solve the problem, apply the appropriate hotfix.

Possible Scenarios

Scenario 1
Default configuration. Web Console is configured by default to accept connections only from the local host.

Risk Factor: Medium
There is a possibility to exploit the buffer overflow vulnerability from the local host. To solve the problem apply the appropriate hotfix.

Scenario 2
Web Console is configured to allow connections from specific/trusted hosts.

Risk Factor: Medium
There is a possibility to exploit the buffer overflow vulnerability from the local host. To solve the problem apply the appropriate hotfix.

Scenario 3
Web Console is configured to allow connections from all hosts.

Risk Factor: Critical
There is a possibility to exploit the buffer overflow vulnerability from the local host. To solve the problem apply the appropriate hotfix.
 

Affected Platforms   

All platforms supported by the affected products
 

Products

Risk Level: HIGH (Low/Medium/High/Critical)

F-Secure Anti-Virus for Microsoft Exchange 6.40
F-Secure Internet Gatekeeper 6.50, 6.42, 6.41, 6.40 versions

Note: Earlier versions of F-Secure Service Platform for Service Providers are known as F-Secure Personal Express

 

Mitigating Factors

The Web Console for F-Secure Anti-Virus for Microsoft Exchange and F-Secure Internet Gatekeeper is configured by default to accept local host connections only, meaning that the Web Console can be accessed only from the local machine. There is no known exploit for this buffer overflow.
 

Credit

F-Secure want to thank Mikko Korppi for bringing this issue to our attention.
 

Patch Available

Product Versions        Download
F-Secure Anti-Virus for Microsoft Exchange 6.40        Apply hotfix for F-Secure Anti-Virus for Microsoft Exchange 6.40: ftp://ftp.f-secure.com/support/hotfix/fsav-mse/fsavmse640-05.zip
F-Secure Internet Gatekeeper 6.50        Upgrade to F-Secure Internet Gatekeeper 6.60 or apply hotfix for F-Secure Internet Gatekeeper 6.50: ftp://ftp.f-secure.com/support/hotfix/fsig/fsigk650-01.zip
F-Secure Internet Gatekeeper 6.42, 6.41, 6.40        Upgrade to F-Secure Internet Gatekeeper 6.60

 

Date Issued: 2006-06-01
Last Updated: 2006-06-01
