Computer Security

WebRoot SpySweeper protection bypass
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



WebRoot SpySweeper protection bypass
Published:04.02.2007
Source:BUGTRAQ
SecurityVulns ID:7179
Type:remote
Level:5/10
Description:Content is blocked only by filename. Multiple archive formats are not supported.
Affected:WEBROOT : Spy Sweeper 4.5
CVE:CVE-2006-6961 (WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows remote attackers to bypass malware detection by changing a file's name.)
 CVE-2006-6960 (The Compression Sweep feature in WebRoot Spy Sweeper 4.5.9 and earlier does not handle non-ZIP archives, which allows remote attackers to bypass the malware detection via files with (1) RAR, (2) GZ, (3) TAR, (4) CAB, or (5) ACE compression.)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru