FSC-2007-5: Scan Bypass Vulnerabilities with LHA & RAR Archives
Brief Description
F-Secure Policy Manager Server has a denial of service vulnerability in the fsmsh.dll host module. This may allow an attacker to cause a denial of service in F-Secure Policy Manager Server.
An attacker may remotely cause a denial of service in F-Secure Policy Manager Server by using NTFS reserved words as URL filenames.
Affected Platforms
All platforms supported by the affected products
Products
Risk Level: LOW (Low/Medium/High/Critical)
Clients
F-Secure Policy Manager Server 7.00
F-Secure Policy Manager Server 6.xx
F-Secure Policy Manager Server 5.xx
Mitigating Factors
These products contain the vulnerability, but since the product is always installed on the internal company local area network and is not reachable from the public Internet, the risk factor is low.
Credit
F-Secure wants to thank David Maciejak for reporting this issue.
Patch Available
| Product | Versions | Hotfix ID | Download |
|---|---|---|---|
| F-Secure Policy Manager Server | 5.xx - 7.00 | Upgrade to F-Secure Policy Manager Server 7.01 | http://www.f-secure.com/webclub/fspm.html |
| F-Secure Policy Manager Server | 5.70 - 7.00 | fspms-700-60x-570-hotfix2.zip | ftp://ftp.f-secure.com/support/hotfix/fspm/fspms-700-60x-570-hotfix2.zip |
Date Issued: 2007-05-29
Last Updated: 2007-05-29
2007 Security advisories
- FSC-2007-6: EXE & Packed File Scanning Vulnerabilities (2007-09-27)
- FSC-2007-5: Scan Bypass Vulnerabilities with LHA & RAR Archives (2007-06-19)
- FSC-2007-4: Denial of Service Vulnerability in F-Secure Policy Manager Server host module (2007-05-30)
- FSC-2007-3: EXE & Packed File Scanning Vulnerabilities (2007-05-30)
- FSC-2007-2: IOCTL Vulnerability in Real-time Scanning Component (2007-05-30)
- FSC-2007-1: Buffer Overflow Vulnerability in Handling LHA Archives (2007-05-30)