Regarding F-Prot for Linux

Dear Sir or Madam:

Vulnerability reported in F-Prot" Antivirus for Linux fixed

In response to an advisory posted on vuln-dev indicating security problems in the commandline scanner in F-Prot Antivirus for Linux and FreeBSD.

FRISK Software International would like to emphasize that the problem has been resolved. Updated packages are available for download now.

The problem was in insufficient bounds checking on the filename argument, when writing out the scan report in the case of non-existing file. This programming error does not constitute a security threat.

Certain applications could however constitute a security threat by their usage of F-Prot" Antivirus.

For example administrators might have setup the tool to be run as administrator without regard to the individual user's authority (suid root), in which case it would constitute a privilege elevation problem.

However, default installations and use of F-Prot" Antivirus with recommended third-party tools are not vulnerable. Neither is the daemon version of F-Prot Antivirus of Linux and FreeBSD.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

Also, the advisory stated that the latest available version of F-Prot Antivirus for Linux and FreeBSD was version 3.12b. This is wrong. The latest available version of F-Prot Antivirus for Linux and FreeBSD is version 3.12d, available since 20th january 2003. Release number 1 of the 3.12d RPM and Debian packages, and the latest tarballs have been patched.

We recommend that usere running an older version of F-Prot" Antivirus for Linux update their program by visiting our <http://subscription.f-prot.com/download.html>updates center.

Best regards,
Arnar Thor Stefansson
F-Prot Antivirus Tech Support

support@f-prot.com
http://www.f-prot.com
Tel: +354 540-7400
Fax: +354 540-7401

When replying, please copy your entire previous message/thread.

Use the reply function of your e-mail program in order to keep the same subject of our response (including the tracking number). Otherwise your message may be delayed.

If you are interested in receiving an e-mail notice when updates and new versions are released then you can subscribe at http://alerts.f-prot.com Received on Wed Feb 26 13:51:05 2003