|
|
Family: Windows --> Category: infos
F-Secure Web Console Buffer Overflow Vulnerability Vulnerability Scan
Vulnerability Scan Summary
Checks version of F-Secure Web Console
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote Windows host has an application that is vulnerable to a
buffer overflow.
Description :
The remote host is running an anti-virus software application from
F-Secure.
The Windows remote host contains a version of F-Secure Internet
Gatekeeper and/or F-Secure Anti-Virus for Microsoft Exchange that is
affected by a buffer overflow in its web console that can be exploited
without any authentication.
By default, the web console accepts connections only from the local
host so this issue can be exploited remotely only if the web console
has been specifically configured to accept connections remotely.
See also :
http://www.f-secure.com/security/fsc-2006-3.shtml
Solution :
Upgrade / apply the appropriate hotfix as described in the vendor
advisory above.
Threat Level:
High / CVSS Base Score : 8
(AV:R/AC:H/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
