Vigil@nce: Outpost Security Suite, bypassing
July 2008 by Vigil@nce
SYNTHESIS
When a filename contains special characters, it can bypass
restrictions of the antivirus or of the firewall.
Gravity: 1/4
Consequences: user access/rights, data flow
Provenance: document
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: unique source (2/5)
Diffusion of the vulnerable configuration: low (1/3)
Creation date: 23/07/2008
Identifier: VIGILANCE-VUL-7964
IMPACTED PRODUCTS
– Agnitum Outpost Firewall
DESCRIPTION
The Outpost Security Suite product is composed of an antivirus and
of a firewall.
When a filename contains character sequences corresponding to an
HTML entity (such as "‣"), this file bypasses the antivirus
and execution restrictions of the firewall.
An attacker can therefore use a file with a special name in order
to bypass Outpost Security Suite.
CHARACTERISTICS
Identifiers: BID-30347, VIGILANCE-VUL-7964