Comodo Internet Security < 3.9 RAR Archive Scan Evasion

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has an antivirus application installed that
is affected by a scan evasion vulnerability.

Description :

The version of Comodo Internet Security installed on the remote
Windows host is earlier than 3.9. As such, it may be possible for
certain RAR files to evade detection from the scanning engine.

See also :

http://blog.zoller.lu/2009/04/comodo-antivirus-evasionbypass.html
http://seclists.org/bugtraq/2009/Apr/256
http://www.comodo.com/home/download/release-notes.php?p=anti-malware

Solution :

Upgrade to Comodo Internet Security 3.9 or later.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 5.0
(CVSS2#E:ND/RL:U/RC:ND)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 58230 ()

Bugtraq ID: 34737

CVE ID: CVE-2009-5125

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now