NOD32 Multiple Buffer Overflow Vulnerabilities
TITLE: NOD32 Multiple Buffer Overflow Vulnerabilities
CLASS: Boundary Condition Error
CVE:
REMOTE: No
LOCAL: Yes
PUBLISHED: May 22 2007 12:00AM
UPDATE: May 22 2007 11:58PM
CREDIT: Ismael Briones is credited with the discovery of these vulnerabilities.
VULNERABLE:
Eset Software NOD32 2.7NOT VULNERABLE:
Vai alla pagina originale su Security Focus
Discussion
NOD32 is prone to multiple stack-based buffer-overflow vulnerabilities because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.
An attacker can exploit these issues to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts will cause denial-of-service conditions.
These issue affects NOD32 2.7 prior to update 2.70.37.0
Exploit
A proof of concept is available, but not to the general public.
Solution
Solution:
The vendor has released an update that addresses these issues. This update is available through the automatic update facility. Please see the references for more information.
References
References:
- Eset NOD32 AntiVirus Home Page (Eset)
- NOD32 Antivirus Long Path Name Stack Overflow Vulnerabilities (ismak@inkatel.com)