[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] Panda Remote Heap Overflow
From:       list () rem0te ! com
Date:       2005-11-29 16:01:42
Message-ID: W799731508225861133280102 () webmail4
[Download RAW message or body]

Date
November 29, 2005

Vulnerability
The Panda Antivirus Library provides file format support for virus analysis. During \
decompression of ZOO files Panda is vulnerable to a heap overflow allowing attackers complete \
control of the system(s) being protected. This vulnerability can be exploited remotely without \
user interaction in default configurations through common protocols such as SMTP. 

Impact
Successful exploitation of Panda protected systems allows attackers unauthorized control of \
data and related privileges. It also provides leverage for further network compromise. Panda \
implementations are likely vulnerable in their default configuration.

Affected Products
Due to the library's modular design and core functionality: it is likely this vulnerability \
affects a substantial portion of Panda's gateway, server, and client antivirus enabled product \
lines on most platforms. 

http://www.pandasoftware.com/

Note: this library is also licensed to other venders with implementations that are likely \
affected, refer to Panda for specifics.

Details
http://www.rem0te.com/public/images/panda.pdf

Credit
This vulnerability was discovered and researched by Alex Wheeler.

Contact
security@rem0te.com




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[prev in list] [next in list] [prev in thread] [next in thread]