InterScan VirusWall uuencoded Filename Buffer Overflow Vulnerability

InterScan VirusWall includes the ability to scan for virii in uuencoded files. Due to an unchecked buffer in the code, if a uuencoded file is sent that includes an embedded final filename of more than 128 characters, arbitrary remote code can be executed at the privilege level of the VirusWall software. In an NT installation, VirusWall runs as SYSTEM by default.


 

Privacy Statement
Copyright 2010, SecurityFocus