Details of VAR-200511-0135

ID

VAR-200511-0135

CVE

CVE-2005-3400

TITLE

Fortinet Virus scanning bypass vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200511-003

DESCRIPTION

Multiple interpretation error in Fortinet 2.48.0.0 allows remote attackers to bypass virus scanning via a file such as BAT, HTML, and EML with an "MZ" magic byte sequence which is normally associated with EXE, which causes the file to be treated as a safe type that could still be executed as a dangerous file type by applications on the end system, as demonstrated by a "triple headed" program that contains EXE, EML, and HTML content, aka the "magic byte bug.". Fortinet is prone to a security bypass vulnerability. TheHacker is an antivirus engine

Trust: 1.26

sources: NVD: CVE-2005-3400 // BID: 89236 // VULHUB: VHN-14609

AFFECTED PRODUCTS

vendor:

fortinet

model:

fortinet

scope:

version:

2.48.0.0

Trust: 1.9

sources: BID: 89236 // CNNVD: CNNVD-200511-003 // NVD: CVE-2005-3400

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-3400
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200511-003
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-14609
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-3400
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-14609
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-14609 // CNNVD: CNNVD-200511-003 // NVD: CVE-2005-3400

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-3400

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200511-003

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200511-003

EXTERNAL IDS

db:	NVD	id:	CVE-2005-3400	Trust: 2.0
db:	CNNVD	id:	CNNVD-200511-003	Trust: 0.7
db:	BUGTRAQ	id:	20051026 UPDATE FOR THE MAGIC BYTE BUG	Trust: 0.6
db:	BUGTRAQ	id:	20051025 MULTIPLE VENDOR ANTI-VIRUS SOFTWARE DETECTION EVASION VULNERABILITY THROUGH	Trust: 0.6
db:	BID	id:	89236	Trust: 0.4
db:	VULHUB	id:	VHN-14609	Trust: 0.1

sources: VULHUB: VHN-14609 // BID: 89236 // CNNVD: CNNVD-200511-003 // NVD: CVE-2005-3400

REFERENCES

url:	http://marc.info/?l=bugtraq&m=113026417802703&w=2	Trust: 1.0
url:	http://marc.info/?l=bugtraq&m=113036131526435&w=2	Trust: 1.0
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=113026417802703&w=2	Trust: 0.9
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=113036131526435&w=2	Trust: 0.9
url:	http://marc.info/?l=bugtraq&m=113026417802703&w=2	Trust: 0.1
url:	http://marc.info/?l=bugtraq&m=113036131526435&w=2	Trust: 0.1

sources: VULHUB: VHN-14609 // BID: 89236 // CNNVD: CNNVD-200511-003 // NVD: CVE-2005-3400

CREDITS

Unknown

Trust: 0.3

sources: BID: 89236

SOURCES

db:	VULHUB	id:	VHN-14609
db:	BID	id:	89236
db:	CNNVD	id:	CNNVD-200511-003
db:	NVD	id:	CVE-2005-3400

LAST UPDATE DATE

2024-08-14T13:40:02.274000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-14609	date:	2016-10-18T00:00:00
db:	BID	id:	89236	date:	2005-11-01T00:00:00
db:	CNNVD	id:	CNNVD-200511-003	date:	2005-11-15T00:00:00
db:	NVD	id:	CVE-2005-3400	date:	2016-10-18T03:35:12.193

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-14609	date:	2005-11-01T00:00:00
db:	BID	id:	89236	date:	2005-11-01T00:00:00
db:	CNNVD	id:	CNNVD-200511-003	date:	2005-11-01T00:00:00
db:	NVD	id:	CVE-2005-3400	date:	2005-11-01T12:47:00