NOD32 Antivirus Directory Name Handling Multiple Operation Overflows

This script is Copyright (C) 2007-2011 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an application that is affected by
multiple buffer overflow vulnerabilities.

Description :

The version of NOD32 installed on the remote host reportedly contains
two stack overflow vulnerabilities that can be triggered when the
application tries to delete, disinfect, or rename an infected file in
a specially-formatted directory. A remote attacker may be able to
leverage these issues to execute code remotely or crash the affected
service.

See also :

http://www.securityfocus.com/archive/1/469300/30/0/threaded
http://www.eset.com/support/news.php

Solution :

Upgrade to NOD32 v2.70.37 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.3
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 25293 ()

Bugtraq ID: 24098

CVE ID: CVE-2007-2852

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now