Buffer overflow : avast! Multiple Vulnerabilities

Resumen de Precio/Funciones | Ordenar | Nuevas Vulnerabilidades | Confidencialidad | Búsqueda de Vulnerabilidad

Búsqueda de Vulnerabilidad		Buscar 61204 Descripciones CVE y 32582 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.801111

Categoría: Buffer overflow

Título: avast! Multiple Vulnerabilities - Oct09 (Win)

Resumen: Check the version of avas ! Antivirus

Descripción:
Overview: This host is installed with avast! AntiVirus and is prone to multiple
vulnerabilities.

Vulnerability Insight:
- A boundary error exists in the 'aswMon2' kernel driver when processing
IOCTLs. This can be exploited to cause a stack-based buffer overflow
via a specially crafted 0xB2C80018 IOCTL.
- An error in the 'AavmKer4.sys' kernel driver that can be exploited to
corrupt memory via a specially crafted 0xB2D6000C or 0xB2D60034 IOCTL.
- An unspecified error exists in the ashWsFtr.dll library which can be
exploited to cause unknow impact.

Impact:
Successful exploitation will let the local attackers to cause a Denial of
Service or gain escalated privileges on the victim's system.

Impact Level: System/Application

Affected Software/OS:
avast! Home and Professional version prior to 4.8.1356 on Windows

Fix: Upgrade to avast! version 4.8.1356 or later
http://www.avast.com/eng/download.html

References:
http://secunia.com/advisories/36858/
http://www.securityfocus.com/archive/1/506681
http://www.vupen.com/english/advisories/2009/2761

Referencia Cruzada: BugTraq ID: 36507
Common Vulnerability Exposure (CVE) ID: CVE-2009-3522
Bugtraq: 20090923 Avast aswMon2.sys kernel memory corruption and Local Privilege Escalation. (Google Search)
http://www.securityfocus.com/archive/1/archive/1/506681/100/0/threaded
https://www.evilfingers.com/advisory/Advisory/Avast_aswMon2.sys_kernel_memory_corruption_and_Local_Privilege_Escalation.php
http://www.securityfocus.com/bid/36507
http://osvdb.org/58402
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6226
http://www.securitytracker.com/id?1022940
http://secunia.com/advisories/36858
http://www.vupen.com/english/advisories/2009/2761
XForce ISS Database: avast-aswmon2-bo(53456)
http://xforce.iss.net/xforce/xfdb/53456
Common Vulnerability Exposure (CVE) ID: CVE-2009-3523
http://www.ntinternals.org/ntiadv0904/ntiadv0904.html
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6024
Common Vulnerability Exposure (CVE) ID: CVE-2009-3524
http://osvdb.org/58403
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6509

Copyright Copyright (C) 2009 Greenbone Networks GmbH

Esta es sólo una de 32582 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

Registro de Nuevo Usuario
Email:

Usuario:

Contraseña:

Envíeme por email sus boletines mensuales, informándome los últimos servicios, mejoras y encuestas.

Por favor envíeme por email un anuncio de prueba de vulnerabilidades siempre que se agregue una nueva prueba.

Privacidad

Ingreso de Usuario Registrado

Usuario:

Contraseña:

¿Olvidó su usuario o contraseña??

Email/ID de Usario:

ID de Prueba:	1.3.6.1.4.1.25623.1.0.801111
Categoría:	Buffer overflow
Título:	avast! Multiple Vulnerabilities - Oct09 (Win)
Resumen:	Check the version of avas ! Antivirus
Descripción:	Overview: This host is installed with avast! AntiVirus and is prone to multiple vulnerabilities. Vulnerability Insight: - A boundary error exists in the 'aswMon2' kernel driver when processing IOCTLs. This can be exploited to cause a stack-based buffer overflow via a specially crafted 0xB2C80018 IOCTL. - An error in the 'AavmKer4.sys' kernel driver that can be exploited to corrupt memory via a specially crafted 0xB2D6000C or 0xB2D60034 IOCTL. - An unspecified error exists in the ashWsFtr.dll library which can be exploited to cause unknow impact. Impact: Successful exploitation will let the local attackers to cause a Denial of Service or gain escalated privileges on the victim's system. Impact Level: System/Application Affected Software/OS: avast! Home and Professional version prior to 4.8.1356 on Windows Fix: Upgrade to avast! version 4.8.1356 or later http://www.avast.com/eng/download.html References: http://secunia.com/advisories/36858/ http://www.securityfocus.com/archive/1/506681 http://www.vupen.com/english/advisories/2009/2761
Referencia Cruzada:	BugTraq ID: 36507 Common Vulnerability Exposure (CVE) ID: CVE-2009-3522 Bugtraq: 20090923 Avast aswMon2.sys kernel memory corruption and Local Privilege Escalation. (Google Search) http://www.securityfocus.com/archive/1/archive/1/506681/100/0/threaded https://www.evilfingers.com/advisory/Advisory/Avast_aswMon2.sys_kernel_memory_corruption_and_Local_Privilege_Escalation.php http://www.securityfocus.com/bid/36507 http://osvdb.org/58402 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6226 http://www.securitytracker.com/id?1022940 http://secunia.com/advisories/36858 http://www.vupen.com/english/advisories/2009/2761 XForce ISS Database: avast-aswmon2-bo(53456) http://xforce.iss.net/xforce/xfdb/53456 Common Vulnerability Exposure (CVE) ID: CVE-2009-3523 http://www.ntinternals.org/ntiadv0904/ntiadv0904.html http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6024 Common Vulnerability Exposure (CVE) ID: CVE-2009-3524 http://osvdb.org/58403 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6509
Copyright	Copyright (C) 2009 Greenbone Networks GmbH