Avast WEBforum

Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: Erroneus on August 24, 2009, 10:28:07 PM

Title: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: Erroneus on August 24, 2009, 10:28:07 PM
You might wan't to fix this:

http://www.milw0rm.com/exploits/9492
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: spg SCOTT on August 24, 2009, 10:31:43 PM
We are at 4.8.1351 now,

http://www.avast.com/eng/avast-4-home_pro-revision-history.html

Comments from Vlk, prior to the update:

You're right, we'll be releasing a new 4.8 update soon. The main reason is that there's a security vulnerability in avast 4.8.1335 (in one of its kernel mode drivers) that needs to be fixed. Plus, there are some improvements in the scanning engine as well (in line with v5 preparations).

We didn't quite mean to release it as a beta first, but since you've already found it (as something we're currently testing)... be our guests.

I expect it will be officially released ~ next Tuesday (as time permits).

Thanks
Vlk

I think they did ;)

-Scott-
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: Vlk on August 25, 2009, 01:20:20 AM
Yep, this issue is fixed in v4.8.1351.

Thanks
Vlk
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: spg SCOTT on August 25, 2009, 11:39:08 AM
Yep, this issue is fixed in v4.8.1351.

Thanks
Vlk

Thanks for confirming Vlk :)
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: pete319 on August 26, 2009, 11:39:27 AM
They are also reporting this on Secunia,
http://secunia.com/advisories/36442/ (http://secunia.com/advisories/36442/)

Yes i know it is fixed in version  v4.8.1351.
EDIT: Just i thought i would pass it on
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: calcu007 on August 26, 2009, 12:32:07 PM
They are also reporting this on Secunia,
http://secunia.com/advisories/36442/ (http://secunia.com/advisories/36442/)

Yes i know it is fixed in version  v4.8.1351.
EDIT: Just i thought i would pass it on

if you know that was fixed then why posted it? It mislead customer
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: pete319 on August 26, 2009, 12:36:57 PM
They are also reporting this on Secunia,
http://secunia.com/advisories/36442/ (http://secunia.com/advisories/36442/)

Yes i know it is fixed in version  v4.8.1351.
EDIT: Just i thought i would pass it on

if you know that was fixed then why posted it? It mislead customer

Hi calcu007
I can not see how you say i mislead customer as all i was pointing out was Secunia has released it also.
As you have read this thread you would know that it has been fixed.
If for some reason you took offense that was not my intention.
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: hlecter on August 26, 2009, 06:41:46 PM
If anybody are misleading in this case it's Secunia which Status for the patch by now is 'unpatched'.

Pete has mislead nobody if you care to read the whole thread, especially what Vlk said near the beginning of the thread.

Something never change.   :(

HL.

Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: pete319 on August 27, 2009, 08:17:26 AM
If anybody are misleading in this case it's Secunia which Status for the patch by now is 'unpatched'.

Pete has mislead nobody if you care to read the whole thread, especially what Vlk said near the beginning of the thread.

Something never change.   :(

HL.



Cheers hlecter and thanks ;)
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: Marc57 on August 27, 2009, 08:30:37 AM
I have sent a Note to Secunia with a link to this thread stating that this has been fixed.
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: pete319 on August 27, 2009, 08:44:29 AM
I have sent a Note to Secunia with a link to this thread stating that this has been fixed.

Thanks Marc57 ;)
I never even gave that a thought, which i should really have down first. :-[
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: YoKenny on August 27, 2009, 11:39:14 AM
I have sent a Note to Secunia with a link to this thread stating that this has been fixed.

Oh dear.

Too close for comfort.
Quote
MEDIA SPOILED OSHAWA SURPRISE
CANADIAN PRESS
 Kiss frontman Gene Simmons says the media is to blame for spoiling a surprise the band had in store for Oshawa, Ont.
Earlier this year, Kiss asked fans around the world to go to their website and vote for their hometown to be included in the band's next big tour.

Oshawa finished first among all cities, but when the dates for the tour were announced this week, the Ontario city was left off the list.

Fans and politicians in Oshawa were outraged and Kiss eventually announced that it will play the city on Oct. 7
http://www.kissonline.com/stream/article/display/id/18524

Secunia are a bit slow in updating their information.
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: Marc57 on August 27, 2009, 05:50:18 PM
Your welcome Pete, Thanks for the news YoKenny, I hadn't heard about that.
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: Marc57 on August 27, 2009, 06:08:32 PM
It's been updated, Under "Solution" on page two it says "Update to version 4.8.1351"

http://secunia.com/advisories/36442/2/
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: DavidR on August 27, 2009, 06:55:34 PM
You would think that they would put the resolution on page one, how many bother going to the other pages. Or at least make it clear on page one that it isn't outstanding.
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: Marc57 on August 27, 2009, 07:22:59 PM
Agreed David, You would think it would be more pronounced.
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: hlecter on August 28, 2009, 12:34:07 AM
Or at least make it clear on page one that it isn't outstanding.

Page one at Secunia says the following:

avast! Home/Professional "aswMon" Privilege Escalation
Secunia Advisory:    SA36442    

Release Date:    2009-08-25
Last Update:    2009-08-27
Popularity:    429 views

Critical: Less critical
Impact: Privilege escalation
           DoS
Where:    Local system

Solution Status:    Vendor Patch

I think this is clear enough.

HL
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: Vlk on August 28, 2009, 12:59:13 AM
...But only after our friends at Secunia updated it (after our kind notification). Before that, it read "unpatched" :P
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: hlecter on August 28, 2009, 01:43:36 AM
Yes, and I was the first to report about 'unpatched' status by Secunia in reply #7 in this thread.    ;)

Regards
HL
Title: Re: Avast! 4.8.1335 Professional Local Kernel Buffer Overflow Exploit
Post by: pete319 on August 28, 2009, 07:13:47 AM
Thanks to all for your input. Glad it has been sorted now :)

Hey Marc57  I am also a fan of "Kiss" ;D