Webroot Spy Sweeper filename security bypass
| spysweeper-filename-security-bypass (27272) |  Medium Risk |
Description:
Webroot Spy Sweeper fails to detect malicious files that have been renamed. An attacker could exploit this vulnerability by renaming a known malware file and placing it on the system, which would allow the attacker to bypass security detection mechanisms and possibly execute malicious code on the system with the privileges of the victim.
Consequences:
Bypass Security
Remedy:
No remedy available as of May 1, 2013.
References:
- BugTraq Mailing List, Tue Jun 20 2006 - 08:07:40 CDT : Multiple Bypass and Integrity Lost Vulnerabilities.
- Webroot Software, Inc. Web site: Webroot Software | Remove Spyware and adware from your PC or laptop.
- CVE-2006-6961: WebRoot Spy Sweeper 4.5.9 and earlier does not detect malware based on file contents, which allows remote attackers to bypass malware detection by changing a file's name.
- OSVDB ID: 27538: SpySweeper Malware File Rename Scan Bypass
Platforms Affected:
- Webroot Spy Sweeper 4.5.9.709 and prior
Reported:
Jun 20, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this