ID

VAR-200612-0588


CVE

CVE-2006-6409


TITLE

Service Disruption (DoS) Vulnerability in F-Secure Anti-Virus for Linux Gateways

Trust: 0.8

sources: JVNDB: JVNDB-2006-001714

DESCRIPTION

F-Secure Anti-Virus for Linux Gateways 4.65 allows remote attackers to cause a denial of service (possibly fatal scan error), and possibly bypass virus detection, by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.

Various security products are prone to a filter-bypass weakness. These products include:

- BitDefender Mail Protection for SMB 2.0
- ClamAV 0.88.6
- F-prot AntiVirus for Linux x86 Mail Servers 4.6.6
- Kaspersky Anti-Virus for Linux Mail Server 5.5.10

Other applications and versions may also be affected. This issue occurs because the application fails to handle malformed input, which may allow an attacker to bypass the file-filtering mechanism.

There is a security bypass vulnerability in F-Secure Anti-Virus for Linux Gateways. Such as passing the EICAR test file

Trust: 1.98

sources: NVD: CVE-2006-6409 // JVNDB: JVNDB-2006-001714 // BID: 21461 // VULHUB: VHN-22517

AFFECTED PRODUCTS

vendor: f secure // model: f-secure anti-virus // scope: eq // version: 4.65

Trust: 1.6

vendor: f secure // model: f-secure anti-virus // scope: eq // version: linux gateways 4.65

Trust: 0.8

vendor: suse // model: linux enterprise server // scope: eq // version: 9

Trust: 0.3

vendor: suse // model: linux enterprise server // scope: eq // version: 10

Trust: 0.3

vendor: suse // model: linux // scope: eq // version: 9.3

Trust: 0.3

vendor: s u s e // model: linux // scope: eq // version: 10.1

Trust: 0.3

vendor: s u s e // model: linux // scope: eq // version: 10.0

Trust: 0.3

vendor: novell // model: open enterprise server // scope: eq // version: 0

Trust: 0.3

vendor: novell // model: linux desktop // scope: eq // version: 9

Trust: 0.3

vendor: mandriva // model: linux mandrake x86 64 // scope: eq // version: 2006.0

Trust: 0.3

vendor: mandriva // model: linux mandrake // scope: eq // version: 2006.0

Trust: 0.3

vendor: mandriva // model: linux mandrake x86 64 // scope: eq // version: 2007.0

Trust: 0.3

vendor: mandriva // model: linux mandrake // scope: eq // version: 2007.0

Trust: 0.3

vendor: mandrakesoft // model: corporate server x86 64 // scope: eq // version: 4.0

Trust: 0.3

vendor: mandrakesoft // model: corporate server x86 64 // scope: eq // version: 3.0

Trust: 0.3

vendor: mandrakesoft // model: corporate server // scope: eq // version: 3.0

Trust: 0.3

vendor: mandrakesoft // model: corporate server // scope: eq // version: 4.0

Trust: 0.3

vendor: kolab // model: groupware server // scope: eq // version: 2.0.4

Trust: 0.3

vendor: kolab // model: groupware server // scope: eq // version: 2.0.3

Trust: 0.3

vendor: kolab // model: groupware server // scope: eq // version: 2.0.2

Trust: 0.3

vendor: kolab // model: groupware server // scope: eq // version: 2.0.1

Trust: 0.3

vendor: kolab // model: groupware server // scope: eq // version: 1.0.8

Trust: 0.3

vendor: kolab // model: groupware server // scope: eq // version: 1.0.7

Trust: 0.3

vendor: kolab // model: groupware server // scope: eq // version: 1.0.6

Trust: 0.3

vendor: kolab // model: groupware server // scope: eq // version: 1.0.5

Trust: 0.3

vendor: kolab // model: groupware server // scope: eq // version: 1.0.3

Trust: 0.3

vendor: kolab // model: groupware server // scope: eq // version: 1.0.1

Trust: 0.3

vendor: kolab // model: groupware server // scope: eq // version: 1.0-20040426

Trust: 0.3

vendor: kolab // model: groupware server // scope: eq // version: 1.0

Trust: 0.3

vendor: kolab // model: groupware server 2.1beta2 // scope: - // version: -

Trust: 0.3

vendor: kolab // model: groupware server 2.1.beta3 // scope: - // version: -

Trust: 0.3

vendor: kaspersky // model: anti-virus // scope: eq // version: 5.5.10

Trust: 0.3

vendor: frisk // model: software f-prot antivirus // scope: eq // version: 4.6.6

Trust: 0.3

vendor: debian // model: linux sparc // scope: eq // version: 3.1

Trust: 0.3

vendor: debian // model: linux s/390 // scope: eq // version: 3.1

Trust: 0.3

vendor: debian // model: linux ppc // scope: eq // version: 3.1

Trust: 0.3

vendor: debian // model: linux mipsel // scope: eq // version: 3.1

Trust: 0.3

vendor: debian // model: linux mips // scope: eq // version: 3.1

Trust: 0.3

vendor: debian // model: linux m68k // scope: eq // version: 3.1

Trust: 0.3

vendor: debian // model: linux ia-64 // scope: eq // version: 3.1

Trust: 0.3

vendor: debian // model: linux ia-32 // scope: eq // version: 3.1

Trust: 0.3

vendor: debian // model: linux hppa // scope: eq // version: 3.1

Trust: 0.3

vendor: debian // model: linux arm // scope: eq // version: 3.1

Trust: 0.3

vendor: debian // model: linux amd64 // scope: eq // version: 3.1

Trust: 0.3

vendor: debian // model: linux alpha // scope: eq // version: 3.1

Trust: 0.3

vendor: debian // model: linux // scope: eq // version: 3.1

Trust: 0.3

vendor: clam // model: anti-virus clamav // scope: eq // version: 0.88.6

Trust: 0.3

vendor: bitdefender // model: mail protection for smb // scope: eq // version: 2.0

Trust: 0.3

sources: BID: 21461 // JVNDB: JVNDB-2006-001714 // CNNVD: CNNVD-200612-173 // NVD: CVE-2006-6409

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-6409
value: HIGH

Trust: 1.0

NVD: CVE-2006-6409
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200612-173
value: CRITICAL

Trust: 0.6

VULHUB: VHN-22517
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2006-6409
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-22517
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-22517 // JVNDB: JVNDB-2006-001714 // CNNVD: CNNVD-200612-173 // NVD: CVE-2006-6409

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-6409

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200612-173

TYPE

Design Error

Trust: 0.9

sources: BID: 21461 // CNNVD: CNNVD-200612-173

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-001714

PATCH

title: Top Page // url: http://www.f-secure.com/

Trust: 0.8

sources: JVNDB: JVNDB-2006-001714

EXTERNAL IDS

db: NVD // id: CVE-2006-6409

Trust: 2.8

db: BID // id: 21461

Trust: 2.0

db: JVNDB // id: JVNDB-2006-001714

Trust: 0.8

db: CNNVD // id: CNNVD-200612-173

Trust: 0.7

db: BUGTRAQ // id: 20061206 MULTIPLE VENDOR UNUSUAL MIME ENCODING CONTENT FILTER BYPASS

Trust: 0.6

db: VULHUB // id: VHN-22517

Trust: 0.1

sources: VULHUB: VHN-22517 // BID: 21461 // JVNDB: JVNDB-2006-001714 // CNNVD: CNNVD-200612-173 // NVD: CVE-2006-6409

REFERENCES

url:http://www.quantenblog.net/security/virus-scanner-bypass

Trust: 2.0

url:http://www.securityfocus.com/bid/21461

Trust: 1.7

url:http://www.securityfocus.com/archive/1/453654/100/0/threaded

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6409

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6409

Trust: 0.8

url:http://www.securityfocus.com/archive/1/archive/1/453654/100/0/threaded

Trust: 0.6

url:http://www.bitdefender.com

Trust: 0.3

url:http://www.clamav.net/

Trust: 0.3

url:http://www.f-prot.com/

Trust: 0.3

url:http://www.kaspersky.com/

Trust: 0.3

url:http://kolab.org/security/kolab-vendor-notice-14.txt

Trust: 0.3

url:/archive/1/453654

Trust: 0.3

sources: VULHUB: VHN-22517 // BID: 21461 // JVNDB: JVNDB-2006-001714 // CNNVD: CNNVD-200612-173 // NVD: CVE-2006-6409

CREDITS

Hendrik Weimer is credited with the discovery of this vulnerability.

Trust: 0.9

sources: BID: 21461 // CNNVD: CNNVD-200612-173

SOURCES

db: VULHUB // id: VHN-22517
db: BID // id: 21461
db: JVNDB // id: JVNDB-2006-001714
db: CNNVD // id: CNNVD-200612-173
db: NVD // id: CVE-2006-6409

LAST UPDATE DATE

2024-08-14T12:10:25.245000+00:00


SOURCES UPDATE DATE

db: VULHUB // id: VHN-22517 // date: 2018-10-17T00:00:00
db: BID // id: 21461 // date: 2016-07-06T14:40:00
db: JVNDB // id: JVNDB-2006-001714 // date: 2012-06-26T00:00:00
db: CNNVD // id: CNNVD-200612-173 // date: 2006-12-11T00:00:00
db: NVD // id: CVE-2006-6409 // date: 2018-10-17T21:48:03.410

SOURCES RELEASE DATE

db: VULHUB // id: VHN-22517 // date: 2006-12-10T00:00:00
db: BID // id: 21461 // date: 2006-12-06T00:00:00
db: JVNDB // id: JVNDB-2006-001714 // date: 2012-06-26T00:00:00
db: CNNVD // id: CNNVD-200612-173 // date: 2006-12-09T00:00:00
db: NVD // id: CVE-2006-6409 // date: 2006-12-10T02:28:00