漏洞信息详情
F-Prot Antivirus multipart/mixed MIME文件安全绕过漏洞
- CNNVD编号:CNNVD-200612-167
- 危害等级: 中危
- CVE编号: CVE-2006-6407
- 漏洞类型: 设计错误
- 发布时间: 2006-12-09
- 威胁类型: 远程
- 更新时间: 2006-12-12
- 厂 商: f-prot
- 漏洞来源: Hendrik Weimer is ...
漏洞简介
F-Prot Antivirus for Linux x86 Mail Servers存在安全绕过漏洞。远程攻击者通过在multipart/mixed MIME文件中的base64编码的内容中注入无效字符来绕过病毒侦测,如EICAR测试文件。
漏洞公告
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
MandrakeSoft Linux Mandrake 2007.0
Mandriva clamav-0.88.7-1.1mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download
Mandriva clamav-0.88.7-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download
Mandriva clamav-db-0.88.7-1.1mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download
Mandriva clamav-milter-0.88.7-1.1mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download
Mandriva clamd-0.88.7-1.1mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download
Mandriva libclamav1-0.88.7-1.1mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download
Mandriva libclamav1-devel-0.88.7-1.1mdv2007.0.i586.rpm
Mandriva Linux 2007.0:
http://www.mandriva.com/en/download
MandrakeSoft Corporate Server 4.0
Mandriva clamav-0.88.7-0.1.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download
Mandriva clamav-0.88.7-0.1.20060mlcs4.src.rpm
Corporate 4.0:
http://www.mandriva.com/en/download
Mandriva clamav-db-0.88.7-0.1.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download
Mandriva clamav-milter-0.88.7-0.1.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download
Mandriva clamd-0.88.7-0.1.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download
Mandriva libclamav1-0.88.7-0.1.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download
Mandriva libclamav1-devel-0.88.7-0.1.20060mlcs4.i586.rpm
Corporate 4.0:
http://www.mandriva.com/en/download
MandrakeSoft Linux Mandrake 2007.0 x86_64
Mandriva clamav-0.88.7-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
http://www.mandriva.com/en/download
Mandriva clamav-0.88.7-1.1mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0/X86_64:
http://www.mandriva.com/en/download
Mandriva clamav-db-0.88.7-1.1mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0/X86_64:
http://www.mandriva.com/en/download
Mandriva clamav-milter-0.88.7-1.1mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0/X86_64:
http://www.mandriva.com/en/download
Mandriva clamd-0.88.7-1.1mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0/X86_64:
http://www.mandriva.com/en/download
Mandriva lib64clamav1-0.88.7-1.1mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0/X86_64:
http://www.mandriva.com/en/download
Mandriva lib64clamav1-devel-0.88.7-1.1mdv2007.0.x86_64.rpm
Mandriva Linux 2007.0/X86_64:
http://www.mandriva.com/en/download
MandrakeSoft Linux Mandrake 2006.0 x86_64
Mandriva clamav-0.88.7-0.1.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64:
http://www.mandriva.com/en/download
Mandriva clamav-0.88.7-0.1.20060mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://www.mandriva.com/en/download
Mandriva clamav-db-0.88.7-0.1.20060mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://www.mandriva.com/en/download
Mandriva clamav-milter-0.88.7-0.1.20060mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://www.mandriva.com/en/download
Mandriva clamd-0.88.7-0.1.20060mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://www.mandriva.com/en/download
Mandriva lib64clamav1-0.88.7-0.1.20060mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://www.mandriva.com/en/download
Mandriva lib64clamav1-devel-0.88.7-0.1.20060mdk.x86_64.rpm
Mandriva Linux 2006.0/X86_64:
http://www.mandriva.com/en/download
MandrakeSoft Linux Mandrake 2006.0
Mandriva clamav-0.88.7-0.1.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download
Mandriva clamav-0.88.7-0.1.20060mdk.src.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download
Mandriva clamav-db-0.88.7-0.1.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download
Mandriva clamav-milter-0.88.7-0.1.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download
Mandriva clamd-0.88.7-0.1.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download
Mandriva libclamav1-0.88.7-0.1.20060mdk.i586.rpm
Mandriva Linux 2006.0:
http://www.mandriva.com/en/download
Mandriva libclamav1-devel-0.88.7-0.1.20060mdk.
参考网址
来源: BID
名称: 21461
链接:http://www.securityfocus.com/bid/21461
来源: BUGTRAQ
名称: 20061206 Multiple Vendor Unusual MIME Encoding Content Filter Bypass
链接:http://www.securityfocus.com/archive/1/archive/1/453654/100/0/threaded
来源: MISC
链接:http://www.quantenblog.net/security/virus-scanner-bypass
受影响实体
- F-Prot F-Prot_antivirus:4.6.6:Linux_x85_mail_servers
补丁
暂无
评论