Lucene search
This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.NOD32_2_70_37_0.NASLHistoryMay 23, 2007 - 12:00 a.m.
NOD32 Antivirus Directory Name Handling Multiple Operation Overflows
2007-05-2300:00:00
This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.
www.tenable.com
11
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.147
Percentile
95.8%
The version of NOD32 installed on the remote host reportedly contains two stack overflow vulnerabilities that can be triggered when the application tries to delete, disinfect, or rename an infected file in a specially-formatted directory. A remote attacker may be able to leverage these issues to execute code remotely or crash the affected service.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(25293);
script_version("1.12");
script_cve_id("CVE-2007-2852");
script_bugtraq_id(24098);
script_name(english:"NOD32 Antivirus Directory Name Handling Multiple Operation Overflows");
script_summary(english:"Checks version of NOD32");
script_set_attribute(attribute:"synopsis", value:
"The remote Windows host has an application that is affected by
multiple buffer overflow vulnerabilities." );
script_set_attribute(attribute:"description", value:
"The version of NOD32 installed on the remote host reportedly contains
two stack overflow vulnerabilities that can be triggered when the
application tries to delete, disinfect, or rename an infected file in
a specially-formatted directory. A remote attacker may be able to
leverage these issues to execute code remotely or crash the affected
service." );
script_set_attribute(attribute:"see_also", value:"https://www.securityfocus.com/archive/1/469300/30/0/threaded" );
script_set_attribute(attribute:"see_also", value:"https://support.eset.com/news/" );
script_set_attribute(attribute:"solution", value:
"Upgrade to NOD32 v2.70.37 or later." );
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_publication_date", value: "2007/05/23");
script_set_attribute(attribute:"vuln_publication_date", value: "2007/05/21");
script_cvs_date("Date: 2018/11/15 20:50:27");
script_set_attribute(attribute:"plugin_type", value:"local");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.");
script_dependencies("nod32_installed.nasl");
script_require_keys("Antivirus/NOD32/version");
exit(0);
}
ver = get_kb_item("Antivirus/NOD32/version");
if (isnull(ver)) exit(0);
iver = split(ver, sep:'.', keep:FALSE);
for (i=0; i<max_index(iver); i++)
iver[i] = int(iver[i]);
if (
iver[0] < 2 ||
(
iver[0] == 2 &&
(
iver[1] < 70 ||
(iver[1] == 70 && iver[2] < 37)
)
)
)
{
# nb: the GUI only reports 3 parts of the version.
version = string(iver[0], ".", iver[1], ".", iver[2]);
report = desc + string(
"\n",
"Version ", version, " of the NOD32 Antivirus System is currently installed\n",
"on the remote host.\n"
);
security_hole(port:get_kb_item("SMB/transport"), extra:report);
}
Related
cve
cve
CVE-2007-2852
2007-05-24 19:30:00
cvelist
cvelist
CVE-2007-2852
2007-05-24 19:00:00
nvd
nvd
CVE-2007-2852
2007-05-24 19:30:00
prion
prion
Stack overflow
2007-05-24 19:30:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.147
Percentile
95.8%
Related for NOD32_2_70_37_0.NASL