Author Topic: Panda AV suffers from security flaw (Read 2974 times)

polonus · « **on:** December 02, 2005, 09:33:29 AM »

Hello forum members,

Panda AV has a security flaw & suffers from a buffer overflow in certain circumstances, that could lead to systems being compromised or taken over.
Read here: http://www.security.nnov.ru/Kdocument471.html

greets,

polonus

Lisandro · « **Reply #1 on:** December 02, 2005, 12:20:38 PM »

And avast? Will it suffer from this problem too?

polonus · « **Reply #2 on:** December 02, 2005, 01:24:21 PM »

Hallo Tech,

Read here: http://www.rem0te.com/public/images/panda.pdf The vulnerability (highly critical) is caused due to a boundary error in "pskcmp.dll" when performing Lempel-Ziv decompression of ZOO-archives. This can be exploited to cause a heap-buffer overflow and may allow arbitrary code execution when a malicious ZOO archive is scanned. Threat: system access from remote.
Solution: filter ZOO archives at email and proxy gateways.
Other vendors may have problems whenever they share this PANDA technology. Look here:
http://www.spywaredata.com/spyware/malware/pskcmp.dll.php

That is the best survey I can give you, else we here from Vlk, I guess (ustawiena ..).

greets from,

polonus

Lisandro · « **Reply #3 on:** December 02, 2005, 03:06:35 PM »

Quote from: polonus on December 02, 2005, 01:24:21 PM

That is the best survey I can give you, else we here from Vlk, I guess (ustawiena ..).

Thanks...
Only the high gurus can drop a word here... it's behind my possibilities...

Author Topic: Panda AV suffers from security flaw (Read 2974 times)

polonus

Panda AV suffers from security flaw

Lisandro

Re: Panda AV suffers from security flaw

polonus

Re: Panda AV suffers from security flaw

Lisandro

Re: Panda AV suffers from security flaw