Content Filter Bypass in Kaspersky Anti-Virus for Linux Mail Servers
CVE-2006-6408

Currently unrated

Key Information:

Vendor: kaspersky
Status: Kaspersky Anti-virus
Vendor: CVE Published:; 10 December 2006

Summary

Kaspersky Anti-Virus for Linux Mail Servers 5.5.10 is susceptible to a content filter bypass due to improper handling of base64 encoded content in multipart/mixed MIME files. Attackers can exploit this vulnerability by inserting invalid characters, resulting in the malicious payload evading detection. This was notably demonstrated using the EICAR test file, which highlights the potential risks to users relying on this antivirus solution for email protection.

References

http://www.securityfocus.com/bid/21461

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/453654/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.quantenblog.net/security/virus-scanner-bypass

x_refsource_MISC

Timeline

Vulnerability published
Dec 10, 2006
Vulnerability Reserved
Dec 9, 2006