F-Secure Scan Evasion

Nessus Network Monitor Plugin ID 3675 (Medium)

Synopsis

The remote antivirus scanner may be tricked into not scanning certain files.

Description

The remote host is running F-Secure, a firewall and antivirus software package. This version of F-Secure contains a flaw in which files with specially crafted names are not scanned. As a result, potentially damaging files may not be deleted or quarantined. To exploit this flaw, an attacker would only need the ability to create these files and deliver them to a vulnerable F-Secure user. Successful exploitation would leave the user with a false sense of security.

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://www.f-secure.com/download-purchase/list.shtml

Plugin Details

Severity: Medium

ID: 3675

Family: Generic

Published: 2006/07/03

Modified: 2016/02/05

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:U/RL:U/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 4.8

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS3#E:U/RL:U/RC:C

Reference Information

CVE: CVE-2006-3489, CVE-2006-3490

BID: 18693