Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2010 LSSOPENVAS:102050
HistoryJul 08, 2010 - 12:00 a.m.

Avast! Zoo Denial of Service Vulnerability

2010-07-0800:00:00
Copyright (C) 2010 LSS
plugins.openvas.org
9

0.041 Low

EPSS

Percentile

91.2%

JSON

avast! antivirus before 4.7.981 allows remote attackers to
cause a denial of service (infinite loop) via a Zoo archive
with a direntry structure that points to a previous file.

###################################################################
# OpenVAS Vulnerability Test
#
# Avast! Zoo Denial of Service Vulnerability
#
# LSS-NVT-2010-039
#
# Developed by LSS Security Team <http://security.lss.hr>
#
# Copyright (C) 2010 LSS <http://www.lss.hr>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program. If not, see
# <http://www.gnu.org/licenses/>.
###################################################################

tag_solution = "Update to a newer version.";
tag_summary = "avast! antivirus before 4.7.981 allows remote attackers to
  cause a denial of service (infinite loop) via a Zoo archive
  with a direntry structure that points to a previous file.";

if(description)
{
  script_id(102050);
  script_version("$Revision: 5660 $");
  script_tag(name:"last_modification", value:"$Date: 2017-03-21 12:29:28 +0100 (Tue, 21 Mar 2017) $");
  script_tag(name:"creation_date", value:"2010-07-08 10:59:30 +0200 (Thu, 08 Jul 2010)");
  script_cve_id("CVE-2007-1672");
  script_bugtraq_id(23823);
  script_name("Avast! Zoo Denial of Service Vulnerability");
  script_tag(name:"cvss_base", value:"7.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2010 LSS");
  script_family("Denial of Service");
  script_dependencies("gb_avast_av_detect_win.nasl");
  script_require_keys("Avast!/AV/Win/Ver");
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}

include ("version_func.inc");

version = get_kb_item("Avast!/AV/Win/Ver");
if (!version) exit (0);
vuln_version = "4.7.981";

is_vuln = version_is_less_equal (version: version, test_version:vuln_version);

if (is_vuln) {
  security_message(0);
}

Related

prion 1
cve 1
openvas 1
securityvulns 2
prion
prion
Code injection
2007-05-09 00:19:00
cve
cve
CVE-2007-1672
2007-05-09 00:19:00
openvas
openvas
Avast! Zoo Denial of Service Vulnerability
2010-07-08 00:00:00
securityvulns
securityvulns
Multiple Zoo archivers DoS
2007-05-07 00:00:00
Multiple vendors ZOO file decompression infinite loop DoS
2007-05-07 00:00:00

0.041 Low

EPSS

Percentile

91.2%

JSON
Related for OPENVAS:102050
prion1cve1openvas1securityvulns2