Avira Anti-Virus Zip File Scan Evasion
Medium Nessus Network Monitor Plugin ID 5015
SynopsisThe remote host is missing a critical security patch or upgrade.
DescriptionThe remote client is running the Avira Ant-Virus engine.
This version of the Avira scan engine is vulnerable to a flaw wherein attackers can bypass the scan engine by submitting files within specially formatted 'ZIP' archives. An attacker, exploiting this flaw, would be able to pass malicious code through the scan engine.
SolutionUpgrade to Avira scan engine 22.214.171.124/126.96.36.199 or later.