Agnitum Outpost Security Suite < 6.5.2358.316.0607 Detection Engine Bypass

Medium Nessus Network Monitor Plugin ID 4604

Synopsis

The remote host is missing a critical security patch or upgrade.

Description

The remote client is running the Agnitum Outpost security suite. This suite of tools protects users from viruses, phishing attacks, malware and more.

The vendor has reported an issue where specially formatted file names may bypass the detection engines. An attacker exploiting this flaw would need to be able to convince an Outpost user to open a malicious file. Successful exploitation would result in the attacker bypassing the security rules and passing a malicious file to the client.

Solution

Upgrade to version 6.5.2358.316.0607 or higher.

See Also

http://www.agnitum.com/products/security-suite/history.php

Plugin Details

Severity: Medium

ID: 4604

File Name: 4604.prm

Family: Web Clients

Published: 2008/07/23

Modified: 2016/02/05

Dependencies: 4603, 1735, 8314

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5.8

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

CVSSv3

Base Score: 4.7

Temporal Score: 4.6

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Temporal Vector: CVSS3#E:F/RL:U/RC:X

Reference Information

BID: 30347