F-Secure Scan Evasion
Medium Nessus Network Monitor Plugin ID 3675
SynopsisThe remote antivirus scanner may be tricked into not scanning certain files.
DescriptionThe remote host is running F-Secure, a firewall and antivirus software package. This version of F-Secure is vulnerable to a flaw where specially crafted file names are not scanned. This can lead to potentially damaging files not being deleted or quarantined. An attacker exploiting this flaw would only need the ability to create these files and deliver them to a vulnerable F-Secure user. Successful exploitation would result in a false sense of security.
SolutionUpgrade or patch according to vendor recommendations.