Orange Business Services
Vigil@nce Vigil@nce Vigil@nce
we track for your security since 1999
 home presentation vulnerabilities documentation contact  
subscriber area subscriber area
free access free access
The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them.
recent vulnerabilities recent vulnerabilities
tracked products tracked products
RSS feed RSS feed
vulnerability

vulnerability bulletin 8733

Panda: bypassing via CAB/TAR

Synthesis of the vulnerability

An attacker can create a CAB/TAR archive containing a virus which is not detected by Panda.
Severity: 2/4.
Creation date: 22/05/2009.

Impacted products

Description of the vulnerability

Panda products detect viruses contained in CAB/TAR archives.

However, an attacker can create a slightly malformed archive, which can still be opened by tools, but which cannot be opened by the antivirus.

An attacker can therefore create a CAB/TAR archive containing a virus which is not detected by Panda.

Share this bulletin

Delicious Digg Facebook Google bookmarks LinkedIn Mail Reddit StumbleUpon Technorati Twitter Yahoo 

Complete Vigil@nce bulletin

Panda: bypassing via CAB/TAR

Characteristics

Title: Panda: bypassing via CAB/TAR.
Keywords: CAB Panda TAR bypassing.
Identifiers: BID-35072, TZO-24-2009, TZO-25-2009, VIGILANCE-VUL-8733.

Information sources

Publications and announces

Solutions for this vulnerability

Patch or workaround

Computer vulnerabilities tracking service

Vigil@nce provides network vulnerability analysis. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The technology watch team tracks security threats targeting the computer system.



















Copyright 1999-2012 Vigil@nce. Vigil@nce is a service from Orange Business Services. Site map. Legal notice. Version française