Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2007-2018 Tenable Network Security, Inc.KASPERSKY_AV6_MULT_VULNS.NASL
HistoryApr 10, 2007 - 12:00 a.m.

Kaspersky Anti-Virus < 6.0.2.614 Multiple Vulnerabilities

2007-04-1000:00:00
This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
www.tenable.com
21

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.505 Medium

EPSS

Percentile

97.5%

JSON

The version of the Kaspersky antivirus product installed on the remote host may be affected by buffer overflow, privilege escalation, and information disclosure vulnerabilities, depending on the actual product installed.

#
# (C) Tenable Network Security, Inc.
#



include("compat.inc");

if (description)
{
  script_id(25021);
  script_version("1.21");

  script_cve_id(
    "CVE-2007-0445", 
    "CVE-2007-1112", 
    "CVE-2007-1879", 
    "CVE-2007-1880", 
    "CVE-2007-1881"
 );
  script_bugtraq_id(
    23325, 
    23326, 
    23345, 
    23346
 );

  script_name(english:"Kaspersky Anti-Virus < 6.0.2.614 Multiple Vulnerabilities");
  script_summary(english:"Checks product version");

 script_set_attribute(attribute:"synopsis", value:
"The remote Windows host contains an application that is prone to
various issues." );
 script_set_attribute(attribute:"description", value:
"The version of the Kaspersky antivirus product installed on the remote
host may be affected by buffer overflow, privilege escalation, and
information disclosure vulnerabilities, depending on the actual
product installed." );
  # http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=504
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8d1fc561" );
  # http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=505
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?09f76718" );
 script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2007/Apr/104" );
 script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2007/Apr/105" );
 script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-07-013/" );
 script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-07-014/" );
  # http://web.archive.org/web/20101004053627/http://www.kaspersky.com/technews?id=203038693
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b44c0d6c" );
  # http://web.archive.org/web/20100722074058/http://www.kaspersky.com/technews?id=203038694
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?ce1089e5" );
 script_set_attribute(attribute:"solution", value:
"If using Kaspersky Anti-Virus / Kaspersky Internet Security, upgrade
to build 6.0.2.614 or later.

If using Kaspersky Anti-Virus for Windows File Servers / Kaspersky
Anti-Virus for Windows Workstation, upgrade to version 6.0 or later." );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");
 script_set_attribute(attribute:"plugin_publication_date", value: "2007/04/10");
 script_set_attribute(attribute:"vuln_publication_date", value: "2007/04/04");
 script_cvs_date("Date: 2018/11/15 20:50:27");
 script_set_attribute(attribute:"patch_publication_date", value: "2007/04/04");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe",value:"cpe:/a:kaspersky_lab:kaspersky_anti-virus");
script_end_attributes();


  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");

  script_dependencies("kaspersky_installed.nasl");
  script_require_keys("Antivirus/Kaspersky/installed");

  exit(0);
}


# Check for issues from tech news id# 203038693.
prods = make_list(
  "Kaspersky Anti-Virus for Windows File Servers",
  "Kaspersky Anti-Virus for Windows Workstations" 
);
foreach prod (prods)
{
  install = get_kb_item("Antivirus/Kaspersky/" + prod);
  if (!isnull(install))
  {
    matches = eregmatch(pattern:"^([0-9.]+) in (.*)$", string:install);
    if (!isnull(matches))
    {
      ver = matches[1];
      iver = split(ver, sep:'.', keep:FALSE);
      for (i=0; i<max_index(iver); i++)
        iver[i] = int(iver[i]);

      # nb: versions below 6.0 are affected.
      if (iver[0] < 6)
      {
        report = string(
          "\n",
          "  Product : ", prod, "\n",
          "  Version : ", ver, "\n"
        );
        security_hole(port:get_kb_item("SMB/transport"), extra:report);
        exit(0);
      }
    }
  }
}


# Check for issues from tech news id# 203038694.
prods = make_list(
  "Kaspersky Anti-Virus", 
  "Kaspersky Internet Security"
);
foreach prod (prods)
{
  install = get_kb_item("Antivirus/Kaspersky/" + prod);
  if (!isnull(install))
  {
    matches = eregmatch(pattern:"^([0-9.]+) in (.*)$", string:install);
    if (!isnull(matches))
    {
      ver = matches[1];
      iver = split(ver, sep:'.', keep:FALSE);
      for (i=0; i<max_index(iver); i++)
        iver[i] = int(iver[i]);

      # nb: versions 6.0 below 6.0.2.614 are affected.
      if (
        iver[0] == 6 && iver[1] == 0 && 
        (
          iver[2] < 2 ||
          (iver[2] == 2 && iver[3] < 614)
        )
      )
      {
        report = string(
          "\n",
          "  Product : ", prod, "\n",
          "  Version : ", ver, "\n"
        );
        security_hole(port:get_kb_item("SMB/transport"), extra:report);
        exit(0);
      }
    }
  }
}
VendorProductVersionCPE
kaspersky_labkaspersky_anti-viruscpe:/a:kaspersky_lab:kaspersky_anti-virus

Related

securityvulns 3
kaspersky 1
prion 5
nvd 5
cvelist 5
cve 5
zdi 2
seebug 1
securityvulns
securityvulns
Multiple Kaspersky Antivirus / Internet Security security vulnerabilities
2007-04-06 00:00:00
[Full-disclosure] ZDI-07-014: Kaspersky Anti-Virus ActiveX Control Unsafe Method Exposure Vulnerablity
2007-04-06 00:00:00
[Full-disclosure] ZDI-07-013: Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability
2007-04-06 00:00:00
kaspersky
kaspersky
KLA10234 Multiple vulnerabilities in Kaspersky products
2007-04-05 00:00:00
prion
prion
Design/Logic Flaw
2007-04-06 00:19:00
Integer overflow
2007-04-06 00:19:00
Code injection
2007-04-06 00:19:00
nvd
nvd
CVE-2007-1879
2007-04-06 00:19:00
CVE-2007-1880
2007-04-06 00:19:00
CVE-2007-1112
2007-04-06 00:19:00
cvelist
cvelist
CVE-2007-1879
2007-04-06 00:00:00
CVE-2007-1880
2007-04-06 00:00:00
CVE-2007-1112
2007-04-06 00:00:00
cve
cve
CVE-2007-1879
2007-04-06 00:19:00
CVE-2007-1880
2007-04-06 00:19:00
CVE-2007-1112
2007-04-06 00:19:00
zdi
zdi
Kaspersky Antivirus ActiveX Unsafe Methods Vulnerability
2007-04-05 00:00:00
Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability
2007-04-05 00:00:00
seebug
seebug
Kaspersky AntiVirusζ€ζ―’εΌ•ζ“ŽARJζ–‡ζ‘£θ§£ζžε †ζΊ’ε‡ΊζΌζ΄ž
2007-04-07 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.505 Medium

EPSS

Percentile

97.5%

JSON
Related for KASPERSKY_AV6_MULT_VULNS.NASL
securityvulns3kaspersky1prion5nvd5cvelist5cve5zdi2seebug1