Detections
Analytics

Avira Anti-Virus Zip File Scan Evasion

medium Nessus Network Monitor Plugin ID 5015

Synopsis

The remote host is missing a critical security patch or upgrade.

Description

The remote client is running the Avira Ant-Virus engine.

This version of the Avira scan engine is vulnerable to a flaw wherein attackers can bypass the scan engine by submitting files within specially formatted 'ZIP' archives. An attacker, exploiting this flaw, would be able to pass malicious code through the scan engine.

Solution

Upgrade to Avira scan engine 8.2.0.148/7.9.0.148 or later.

See Also

http://www.securityfocus.com/archive/1/503013/30/0/threaded

Plugin Details

Severity: Medium

ID: 5015

Family: Web Clients

Published: 8/18/2004

Updated: 3/6/2019

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 5.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Reference Information

BID: 34723