Vulners
Lucene search
Kaspersky AV/IS 2010 Denial Of Service
🗓️ 23 Aug 2009 00:00:00Reported by Maksymilian ArciemowiczType 
packetstorm🔗 packetstormsecurity.com👁 38 Views
`-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[ Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service ]
Author: Maksymilian Arciemowicz
http://SecurityReason.com
Date:
- - Dis.: 10.07.2009
- - Pub.: 19.08.2009
Risk: Medium
Affected Software (tested):
- - Kaspersky Internet Security 2010 9.0.0.459 (a) EN
- - Kaspersky Anti-Virus 2010 9.0.0.463 DE
Original URL:
http://securityreason.com/achievement_securityalert/66
- --- 0.Description ---
Kaspersky Lab is a computer security company, co-founded by Natalia
Kasperskaya and Eugene Kaspersky in 1997, offering anti-virus,
anti-spyware, anti-spam, and anti-intrusion products. Kaspersky Lab is a
privately held company headquartered in Moscow, Russia with regional
offices in Germany, France, the Netherlands, the UK, Poland, Romania,
Sweden, Japan, China, Korea and the USA.
- --- 1. Kaspersky AV/IS 2010 avp.exe Denial of Service ---
The main problem exists in parsing url addresses. If we give a lot of
dots, kaspersky avp.exe proccess, will get 100% of CPU and will block
trafic via browsers.
Relativistic time to return to normal behavior is very long. In
practice, when we give a large number of dots, kaspesky will not return
to normal behavior.
This example will denial access to the browser and other kaspersky
operations
http://lu.cxib.net/.................[<http://lu.cxib.net/.................%5B>.xY
where 1024<Y]
It can be exploited remotely by html code. (like: send email)
<img src="http://lu.cxib.net/..........................[<http://lu.cxib.net/..........................%5B>more
dots ]">
The user who executed the code above, will be deprived of the
possibility of browsing and successive reset the kaspersky.
Tested on:
- - Kaspersky Internet Security 2010 9.0.0.459 (a) (EN) + Windows Vista
Enterprise (EN)
- - Kaspersky Anti-Virus 2010 9.0.0.463 (DE) + Windows XP Home Edition (DE)
0day (18.08.2009) exploit you can find:
http://securityreason.com/downloads/kaspersky.2010.dos.html
This script, will generate <img> tags with different url lenght to block
kaspersky services.
However we can exploit this issue via html email. The method of attack
is simple. The victim need only refer to a faulty address.
- --- 2. Greets ---
sp3x Infospec Chujwamwdupe p_e_a pi3
- --- 3. Contact ---
Author: SecurityReason.com [ Maksymilian Arciemowicz ]
Email: cxib {a.t] securityreason [d0t} com
GPG: http://securityreason.com/key/Arciemowicz.Maksymilian.gpg
http://securityreason.com/
http://securityreason.pl/
- --
Best Regards,
- ------------------------
pub 1024D/A6986BD6 2008-08-22
uid Maksymilian Arciemowicz (cxib)
<[email protected]>
sub 4096g/0889FA9A 2008-08-22
http://securityreason.com
http://securityreason.com/key/Arciemowicz.Maksymilian.gpg
-----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAkqLQqIACgkQpiCeOKaYa9aLxgCgy3FzzR5xPzU6QgoK1VpHpjur
paQAn3ku0sU5AzHjzjo3N0qq+Kywu7i1
=rQAP
-----END PGP SIGNATURE-----
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
23 Aug 2009 00:00Current
7.4High risk
Vulners AI Score7.4