Kaspersky Anti-Virus UPX File Decompression DoS

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host contains an application that is prone to a
denial of service issue.

Description :

The version of Kaspersky Anti-Virus installed on the remote host
reportedly may enter an infinite loop when it attempts to process an
executable with specially crafted compressed UPX data. A remote
attacker may be able to exploit this issue to cause the affected host
to consume all available CPU cycles, thereby denying service to users
of the affected host.

See also :

http://www.nessus.org/u?fb5726cc
http://www.securityfocus.com/archive/1/461738/30/0/threaded

Solution :

Update the virus signatures on or after 02/07/2007 and restart the
computer.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.8
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 24758 (kaspersky_upx_decompression_dos.nasl)

Bugtraq ID: 22795

CVE ID: CVE-2007-1281

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now