| VID |
28197 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The NOD32 AntiVirus program is vulnerable to multiple stack-based buffer overflow vulnerabilities via the long path name. NOD32 is an AntiVirus program for Microsoft Windows and Unix-based operating systems. ESET NOD32 Antivirus versions prior to 2.70.37.0 could allow a remote attacker to execute arbitrary code on the host, caused by stack-based buffer overflow errors when handling files with a specially crafted path name. A remote attacker could execute arbitrary code on the affected host or cause the affected service to crash by tricking a vulnerable application into scanning a specially crafted file.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.securityfocus.com/archive/1/archive/1/469300/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/469337/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/469468/100/0/threaded
http://www.eset.com/support/news.php
http://www.inkatel.com/wp-content/uploads/2007/05/Advisory.txt
http://www.frsirt.com/english/advisories/2007/1911
http://secunia.com/advisories/25375
* Platforms Affected:
ESET NOD32 Antivirus versions prior to 2.70.39
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of ESET NOD32 Antivirus (2.70.39 or later), available from the ESET NOD32 Antivirus Download Web site at http://www.eset.com/download/registered_software.php |
| Related URL |
CVE-2007-2852 (CVE) |
| Related URL |
24098 (SecurityFocus) |
| Related URL |
34454 (ISS) |
|
