Dr.Web File Name Handling Overflow

Low Nessus Plugin ID 11625


The antivirus scanner is vulnerable to a denial of service.


The remote host is running Dr.Web - an antivirus program.

There is a flaw in the remote version of Dr.Web which may make it crash when scanning files whose name is excessively long.

An attacker may use this flaw to execute arbitrary code on this host.
To exploit it, an attacker would need to send a file to the remote host and have it scanned by this software.


Upgrade to version 4.29b or newer

Plugin Details

Severity: Low

ID: 11625

File Name: drweb_overflow.nasl

Version: $Revision: 1.13 $

Type: local

Agent: windows

Family: Windows

Published: 2003/05/12

Modified: 2015/01/12

Dependencies: 13855

Risk Information

Risk Factor: Low


Base Score: 2.1

Temporal Score: 1.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:ND

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: false

Exploit Ease: No known exploits are available

Reference Information

BID: 7022

OSVDB: 58904