scanning software vulnerabilities

Searching scanning software vulnerabilities

Trend Micro InterScan VirusWall HTTP proxy 3.6

Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients.

Cisco 2611 router running IOS 12.1(6.5), possib

Cisco |

Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce this issue, saying that the original reporter was using an interim release of the software.

The IPv6 capability in IRIX 6.5.19 allows remot

capability | IRIX | IPv6 |

The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a denial of service (hang) in inetd via port scanning.

MIMEDefang in MIME-tools 5.414 allows remote at

MIME-tools | MIMEDefang |

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

The Cisco IBM Director agent allows remote atta

The Cisco IBM Director agent allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.

Sophos Anti-Virus 3.78 allows remote attackers

Anti-Virus | Sophos |

Sophos Anti-Virus 3.78 allows remote attackers to bypass virus scanning by using a qmail generated Delivery Status Notification (DSN) where the original email is not included in the bounce message.

Computer Associates eTrust Antivirus EE 6.0 thr

Computer Associates eTrust Antivirus EE 6.0 through 7.0 allows remote attackers to bypass virus scanning by including a password-protected file in a ZIP file, which causes eTrust to scan only the password protected file and skip the other files.

Buffer overflow in multiple F-Secure Anti-Virus

Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.

Clearswift MIMEsweeper 5.0.5, when it has been

MIMEsweeper | Clearswift |

Clearswift MIMEsweeper 5.0.5, when it has been upgraded from MAILsweeper for SMTP version 4.3 or MAILsweeper Business Suite I or II, allows remote attackers to bypass scanning by including encrypted data in a mail message, which causes the message to be marked as "Clean" instead of "Encrypted".

ClamAV 0.80 and earlier allows remote attackers

ClamAV |

ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL.

BitDefender Engine 1.6.1 and earlier does not p

BitDefender | Engine |

BitDefender Engine 1.6.1 and earlier does not properly scan all attachments, which allows remote attackers to bypass virus scanning via begin and end commands in the body of the e-mail, which BitDefender treats as a uuencoded attachment and stops scanning afterwards.

Heap-based buffer overflow in NOD32 2.5 with no

Heap-based buffer overflow in NOD32 2.5 with nod32.002 1.033 build 1127, with active scanning enabled, allows remote attackers to execute arbitrary code via an ARJ archive containing a file with a long filename.

Stack-based buffer overflow in AVIRA Desktop fo

Stack-based buffer overflow in AVIRA Desktop for Windows 1.00.00.68 with AVPACK32.DLL 6.31.0.3, when archive scanning is enabled, allows remote attackers to execute arbitrary code via a long filename in an ACE archive.

The FTP proxy module in Fortinet FortiOS (Forti

The FTP proxy module in Fortinet FortiOS (FortiGate) before 2.80 MR12 and 3.0 MR2 allows remote attackers to bypass anti-virus scanning via the Enhanced Passive (EPSV) FTP mode.

Unspecified vulnerability in ClamAV before 0.88

vulnerability | Unspecified | before | ClamAV |

Unspecified vulnerability in ClamAV before 0.88.5 allows remote attackers to cause a denial of service (scanning service crash) via a crafted Compressed HTML Help (CHM) file that causes ClamAV to "read an invalid memory location."

Verity Ultraseek before 5.7 allows remote attac

Verity Ultraseek before 5.7 allows remote attackers to use the server as a proxy for web attacks and host scanning via a direct request to the highlight/index.html script.

McAfee VirusScan for Mac (Virex) before 7.7 pat

VirusScan | McAfee | Mac |

McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak permissions (0666) for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files.

The parsing engine in ClamAV before 0.90.3 and

parsing | before | ClamAV | engine |

The parsing engine in ClamAV before 0.90.3 and 0.91 before 0.91rc1 allows remote attackers to bypass scanning via a RAR file with a header flag value of 10, which can be processed by WinRAR.

Multiple F-Secure anti-virus products for Micro

Multiple F-Secure anti-virus products for Microsoft Windows and Linux before Tuesday, June 19, 2007 allow remote attackers to bypass scanning via a crafted header in a (1) LHA or (2) RAR archive.

The AntiVirus engine in the HTTP-ALG in Clavist

The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before 8.81.00 and 8.80.03 might allow remote attackers to bypass scanning via small files.

Software vulnerabilities results 1 to 20 of 56

Page: 12 3 ►

scanning software vulnerabilities

vulnerabilities.aspcode.net

Searching scanning software vulnerabilities