Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Product Security

FSC-2012-1: Scanning Bypass Vulnerability

 

Brief Description

RedirFS based implementation of real-time (on-access) scanning in Linux Security product will not work on non-root filesystems.

Affected Platforms   

•     Centos 6.0
•     Debian 5.0
•     Debian 6.0
•     Fedora 8
•     Red Hat Enterprise Linux 6
•     SUSE Linux Enterprise Server 11
•     Ubuntu 8.04
•     Ubuntu 10.04
•     Ubuntu 10.10

Products

Risk Level: HIGH (Low/Medium/High/Critical)

•      F-Secure Linux Security 9.10 and 9.11

Notes

The affected product versions are not the latest in the product line. The recommended solution is to upgrade to version 9.12. A hotfix is provided for installations where upgrade is not possible.

Mitigating Factors

•      Manual (on-demand) scanning is not affected.
•      Command-line only installations are not affected.
•      Linux Security installations on platforms not listed above use the Dazuko driver by default and are not affected.

Fix Available

Product Versions        Download
F-Secure Linux Security 9.10 – 9.11

Hotfix:
ftp://ftp.f-secure.com/support/hotfix/fsav-linux/fsls-91x-oas-hotfix.tar.gz


Upgrade to version 9.12:
http://www.f-secure.com/en/web/business_global/support/downloads/-/carousel/view/83


Date Issued: 2012-03-13
Last Updated: 2012-03-13

Get Support online

For documentation and product support, visit our Support site.

 

F-Secure Community

 
Give advice. Get advice. Share the knowledge on our free discussion forum.