Multiple Anti-Virus products ". kz" scan to circumvent Vulnerabilities

Release date:
Updated on:

Affected Systems:
AVG Anti-Virus
Frisk F-Prot Antivirus
VirusBlokAda Vba32 AntiVirus
AVIRA AntiVir
Description:
--------------------------------------------------------------------------------
Bugtraq id: 51861

. Kz is the proprietary archive format of KuaiZip. Frisk F-Prot Antivirus, Avast! Antivirus, g data, Ikarus, Softwin BitDefender, Kaspersky Anti-Virus, ClamAV Panda Antivirus, CPsecure, Quick Heal, Dr. web, Sophos, emsisoft Anti-Malware, VirusBlokAda VBA32, ESET, and VirusBuster are all Anti-virus software.

Multiple anti-virus software. security Vulnerabilities exist in the implementation of kz file archiving. Remote attackers can bypass anti-virus software protection by sending malicious loads in the compressed package, placing malicious files and code on the server, resulting in bypassing virus scanning, escape detection.

<* Source: micel

Link: http://seclists.org/fulldisclosure/2012/Feb/42
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

AVG
---
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:

Http://www.grisoft.com/us/us_index.php

Frisk
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:

Www.f-prot.com

AVIRA
-----
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:

Http://www.avira.com/