Regarding F-Prot for Linux

From: F-Prot Antivirus Technical Support (support@f-prot.com)
Date: Wed Feb 26 2003 - 07:44:06 PST

Next message: Knud Erik Højgaard: "Re: Regarding F-Prot for Linux"

Previous message: Mike Mires: "freeconsole()"
Next in thread: Knud Erik Højgaard: "Re: Regarding F-Prot for Linux"
Reply: Knud Erik Højgaard: "Re: Regarding F-Prot for Linux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dear Sir or Madam:


Vulnerability reported in F-Prot" Antivirus for Linux fixed

In response to an advisory posted on vuln-dev indicating security problems 
in the commandline scanner in F-Prot Antivirus for Linux and FreeBSD.

FRISK Software International would like to emphasize that the problem has 
been resolved. Updated packages are available for download now.

The problem was in insufficient bounds checking on the filename argument, 
when writing out the scan report in the case of non-existing file. This 
programming error does not constitute a security threat.

Certain applications could however constitute a security threat by their 
usage of F-Prot" Antivirus.

For example administrators might have setup the tool to be run as 
administrator without regard to the individual user's authority (suid 
root), in which case it would constitute a privilege elevation problem.

However, default installations and use of F-Prot" Antivirus with 
recommended third-party tools are not vulnerable. Neither is the daemon 
version of F-Prot Antivirus of Linux and FreeBSD.

Also, the advisory stated that the latest available version of F-Prot 
Antivirus for Linux and FreeBSD was version 3.12b. This is wrong. The 
latest available version of F-Prot Antivirus for Linux and FreeBSD is 
version 3.12d, available since 20th january 2003. Release number 1 of the 
3.12d RPM and Debian packages, and the latest tarballs have been patched.

We recommend that usere running an older version of F-Prot" Antivirus for 
Linux update their program by visiting our 
<http://subscription.f-prot.com/download.html>updates center.


Best regards,
Arnar Thor Stefansson
F-Prot Antivirus Tech Support

support@f-prot.com
http://www.f-prot.com
Tel: +354 540-7400
Fax: +354 540-7401

When replying, please copy your entire previous
message/thread.

Use the reply function of your e-mail program in
order to keep the same subject of our response
(including the tracking number).  Otherwise your
message may be delayed.

If you are interested in receiving an e-mail
notice when updates and new versions are released
then you can subscribe at http://alerts.f-prot.com

Next message: Knud Erik Højgaard: "Re: Regarding F-Prot for Linux"
Previous message: Mike Mires: "freeconsole()"
Next in thread: Knud Erik Højgaard: "Re: Regarding F-Prot for Linux"
Reply: Knud Erik Højgaard: "Re: Regarding F-Prot for Linux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Feb 26 2003 - 10:50:56 PST