Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Kaspersky hit by software hole

Kaspersky hit by software hole

by Nikola Strahija on October 6th, 2005 Kaspersky Lab has been hit by a security bug affecting a wide range of its anti-virus products. The bug is cross-platform, and can be exploited through several common protocols to take over a protected system.


The Kaspersky flaw is in an Anti-virus Library used to parse CAB files. It could be exploited via protocols such as SMTP, SMB, HTTP and FTP, according to an advisory from Alex Wheeler, who discovered the flaw.

The problem has been confirmed in version 5.0.20.0 of the CAB scanning library, and probably affects other versions as well, security researchers said. The products affected include Kaspersky Anti-Virus 4.x, Kaspersky Anti-Virus 5.x and Kaspersky SMTP-Gateway 5.x.

No official patch is yet available, according to researchers. FrSIRT, the French Security Incident Response Team, said the flaw was "critical".


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »