TITLE: BitDefender Anti-Virus Engine Malformed Archives Virus Detection Bypass SECUNIA ADVISORY ID: SA17197 VERIFY ADVISORY: http://secunia.com/advisories/17197/ CRITICAL: Not critical IMPACT: Security Bypass WHERE: >From remote SOFTWARE: BitDefender AntiSpam for Mail Servers (Win SMTP Proxy) 1.x http://secunia.com/product/5873/ BitDefender Antivirus & Antispam for Linux and FreeBSD Mail Servers 1.x http://secunia.com/product/5875/ BitDefender Antivirus & Antispam for Mail Servers (WIN SMTP Proxy) 1.x http://secunia.com/product/2110/ BitDefender AvxScanOnline ActiveX Control 3.x http://secunia.com/product/3396/ BitDefender for File Servers 1.x http://secunia.com/product/5870/ BitDefender for Lotus Domino 1.x http://secunia.com/product/5874/ BitDefender for MS Exchange 2000 1.x http://secunia.com/product/2108/ BitDefender for MS Exchange 2003 1.x http://secunia.com/product/5872/ BitDefender for MS Exchange 5.5 1.x http://secunia.com/product/2107/ BitDefender for MS ISA Server http://secunia.com/product/2109/ BitDefender for MS SharePoint 2003 2.x http://secunia.com/product/5869/ BitDefender for Samba 1.x http://secunia.com/product/5871/ BitDefender Mail Protection for Small Business 1.x http://secunia.com/product/5876/ DESCRIPTION: fRoGGz has reported a weakness in BitDefender Anti-Virus scan engine, which can be exploited by malware to bypass certain scanning functionality. For more information: SA17126 NOTE: This is not an issue on client systems, as the malware is still detected upon execution by the desktop on-access scanner. SOLUTION: Update to the latest version via online update. PROVIDED AND/OR DISCOVERED BY: fRoGGz, SecuBox Labs ORIGINAL ADVISORY: http://kb.bitdefender.com/KB262-en--Malformed-Archives-Scan-Evasion-Vulnerability.html OTHER REFERENCES: SA17126: http://secunia.com/advisories/17126/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------