Dr.Web File Name Handling Overflow

low Nessus Plugin ID 11625

Synopsis

The antivirus scanner is vulnerable to a denial of service.

Description

The remote host is running Dr.Web - an antivirus program.

There is a flaw in the remote version of Dr.Web which may make it crash when scanning files whose name is excessively long.

An attacker may use this flaw to execute arbitrary code on this host.
To exploit it, an attacker would need to send a file to the remote host and have it scanned by this software.

Solution

Upgrade to version 4.29b or newer

Plugin Details

Severity: Low

ID: 11625

File Name: drweb_overflow.nasl

Version: 1.14

Type: local

Agent: windows

Family: Windows

Published: 5/12/2003

Updated: 8/7/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS v2

Risk Factor: Low

Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Reference Information

BID: 7022

Detections

Analytics