Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.NOD32_2_70_37_0.NASL
HistoryMay 23, 2007 - 12:00 a.m.

NOD32 Antivirus Directory Name Handling Multiple Operation Overflows

2007-05-2300:00:00
This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
www.tenable.com
9
JSON

The version of NOD32 installed on the remote host reportedly contains two stack overflow vulnerabilities that can be triggered when the application tries to delete, disinfect, or rename an infected file in a specially-formatted directory. A remote attacker may be able to leverage these issues to execute code remotely or crash the affected service.

#
#  (C) Tenable Network Security, Inc.
#


include("compat.inc");

if (description)
{
  script_id(25293);
  script_version("1.12");

  script_cve_id("CVE-2007-2852");
  script_bugtraq_id(24098);

  script_name(english:"NOD32 Antivirus Directory Name Handling Multiple Operation Overflows");
  script_summary(english:"Checks version of NOD32"); 
 
 script_set_attribute(attribute:"synopsis", value:
"The remote Windows host has an application that is affected by
multiple buffer overflow vulnerabilities." );
 script_set_attribute(attribute:"description", value:
"The version of NOD32 installed on the remote host reportedly contains
two stack overflow vulnerabilities that can be triggered when the
application tries to delete, disinfect, or rename an infected file in
a specially-formatted directory.  A remote attacker may be able to
leverage these issues to execute code remotely or crash the affected
service." );
 script_set_attribute(attribute:"see_also", value:"https://www.securityfocus.com/archive/1/469300/30/0/threaded" );
 script_set_attribute(attribute:"see_also", value:"https://support.eset.com/news/" );
 script_set_attribute(attribute:"solution", value:
"Upgrade to NOD32 v2.70.37 or later." );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");
 script_set_attribute(attribute:"plugin_publication_date", value: "2007/05/23");
 script_set_attribute(attribute:"vuln_publication_date", value: "2007/05/21");
 script_cvs_date("Date: 2018/11/15 20:50:27");
script_set_attribute(attribute:"plugin_type", value:"local");
script_end_attributes();

 
  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");

  script_dependencies("nod32_installed.nasl");
  script_require_keys("Antivirus/NOD32/version");

  exit(0);
}


ver = get_kb_item("Antivirus/NOD32/version");
if (isnull(ver)) exit(0);

iver = split(ver, sep:'.', keep:FALSE);
for (i=0; i<max_index(iver); i++)
  iver[i] = int(iver[i]);

if (
  iver[0] < 2 ||
  (
    iver[0] == 2 &&
    (
      iver[1] < 70 ||
      (iver[1] == 70 && iver[2] < 37)
    )
  )
) 
{
  # nb: the GUI only reports 3 parts of the version.
  version = string(iver[0], ".", iver[1], ".", iver[2]);
  report = desc + string(
    "\n",
    "Version ", version, " of the NOD32 Antivirus System is currently installed\n",
    "on the remote host.\n"
  );
  security_hole(port:get_kb_item("SMB/transport"), extra:report);
}

Related

cve 1
prion 1
cve
cve
CVE-2007-2852
2007-05-24 19:30:00
prion
prion
Stack overflow
2007-05-24 19:30:00
JSON
Related for NOD32_2_70_37_0.NASL
cve1prion1