Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

eTrust Antivirus Zip Archive Virus Detection Bypass Vulnerability

Feb 16, 2004 12:15AM PST

Critical:
Moderately critical
Impact: Security Bypass

Where: From remote



Software: eTrust Antivirus 7.x for Windows NT/2000/XP




Description:
A vulnerability has been reported in eTrust Antivirus 7.0, allowing malware to bypass the virus detection.

The scanning engine doesn't handle ZIP archives containing password protected files correctly. The problem is that the scanning engine doesn't scan remaining files after a password protected file has been scanned, which allows an infected file to pass undetected.

Solution:
Apply patch for 0302 level (Build 139) or higher.

ftp://ftp.ca.com/pub/unicenter/e...Virus/7.0/nt/qo50563/QO50563.exe
ftp://ftp.ca.com/pub/unicenter/e...Virus/7.0/nt/qo50563/QO50563.CAZ

Provided and/or discovered by:
Reported by vendor.
http://secunia.com/advisories/10874/

Discussion is locked