Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 69713

Summary: Multiple Vendor Antivirus Software Zip Files Detection Evasion Vulnerability
Product: Gentoo Security Reporter: Robert Muchacki (RETIRED) <muchar>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED INVALID    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.securityfocus.com/bid/11448
Whiteboard:
Package list:
Runtime testing required: ---

Description Robert Muchacki (RETIRED) gentoo-dev 2004-11-01 06:13:17 UTC
Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected.

A remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. 

I've noticed that "Gentoo" is in the list ov vulnerable systems.

Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Comment 1 Robert Muchacki (RETIRED) gentoo-dev 2004-11-01 06:14:47 UTC
Sorry, my mistake. Didn't notice the GLSA on that.