Network Security

Network Security
Own Advisories

Here you find a selection of our own advisories.
Please click on the given ID to get the full version of the advisory.

System: Kaspersky Anti-Virus for Unix/Linux File Servers
Topic: Insecure file system permissions can lead to local root exploit
Links: AERAsec/kav4unix-local-root-exploit, Secunia #16425, Zone-H #7941, SecurityFocus #14554 SecurePoint OSVDB #18733, FrSIRT 2005-1410,,
Heise News, INTEREST Security Base
ID: ae-200508-029

System: Several Anti-Virus Scanner Software
Topic: Filenames containing escape sequences archived in a ZIP file can lead to bypass AV scanning or unfiltered logging
Links: AERAsec/unfiltered-escape-sequences, AERAsec/unfiltered-escape-sequences/samples, Heise Online#57561, SecurityFocus#12793
ID: ae-200503-020

System: Several applications
Topic: Possible Denial-of-Service caused by decompression bomb
Links: AERAsec/decompression-bomb-vulnerability
ae-200401-020, BugTraq, SecurityFocus/Bugtraq VulnID 9393, FullDisclosure, Packet Storm,
HeiseNews, Heise PDA, Handelsblatt, KES, ComputerBase, KoSiB, IT-Audit,
PCWorld, TechWorld,, InfoWorld NL, ITworld, Computerworld, Business Network Communications, bmonday(dot)com, IDG SE, IDG SG, NetworkWorldFusion, ForbiddenWeb, TrimMail, YOZ, InformIT, DataCompression, The Spam Weblog,
LinuxNews PL, Kitetoa, PTnix, Radium Software Development JP,
Mozilla/Bugzilla#233262, amavisd-new
ID: ae-200402-006

System: Several Anti-Virus Scanner Software
Topic: Possible Denial-of-Service caused by bzip2 bomb
Links: AERAsec/bzip2bomb-antivirusengines, BugTraq, FullDisclosure, SecurityFocus/Bugtraq VulnID 9393,
HeiseNews, Heise SecurityNews, Heise PDA, Netzzeitung, LOTEK, pro-linux, IT-Audit, RotAlarm,,
The Guardian, SANS, Secunia, ISS, Internet Storm Center, CCIP NZ, OSAC, TechWeb, CompterWeekly, TechWorld, InfoWorld, InternetWeek News, InternetWeek Security, ITnews, SearchSecurity, ComputerCops, CMPnetAsia, OnlyNewZ, Mega Security, DESIGNTECHNICA, TLA, zone-h, Frame 4, Wall Street & Technology, TalkRoot, WhatBoysWant, Lorky Heavy Metal Industries, Security Pipeline, Linux Pipeline, Secure Network Operations, HNS,
Security NL, Automatisering Gids,, ZDNet.NL, clearIT, ZDNet.BE,, Informatica BR, CERT.HU, prog.HU, SG HU, Karpatinfo,, Underground InformatioN Center, InfoBez RU, peko RU, Tradeline RU, codeby RU, compulenta; Chip PL, Security Wortal, FutureWorlds IT, Ironika IT, Computerworld Online IT, TechTown IT, NWI IT Säkerhet&sekretess, Virustorjunta, ITviikko FI,, JP, LinuxOnly, Netcenter VN,, AScomputadores,
Trend Micro, AMaViS
ID: ae-200401-020

System: Check Point FW-1/VPN-1
Topic: DoS attack against syslog daemon possible
Links: AERAsec/Check Point FW-1 syslog-crash, Check Point Alert, Security+Bugware #6087, SecurityTracker#1006355, SecurityFocus/Bugtraq VulnID 7159, SecurityFocus/Bugtraq VulnID 7161, SecAmin#38428, SecuriTeam, WinITSec, SCIP #21
ID: ae-200303-064

System: Pyramid BenHur Firewall
Topic: Portfilter ruleset for active FTP results in a firewall leak
Links: ae-200207-028-BenHur-activeFTPruleset, Pyramid, SecuriTeam, Security+Bugware #5548
ID: ae-200207-028

System: Linux/Unix
Topic: Insecure output file handling in uudecode
Links: AERAsec/uudecode-pipe-exploit code, CVE: CAN-2002-0178, Security Focus #4120, RHSA-2002-065, ae-200205-037, SecurityFocus/Bugtraq VulnID 4742, CERT VU#3360832, CSSA-2002-040, ae-200210-102, OAR-2002:895, ae-200210-110
ID: ae-200204-033

System: Several Firewall, Caching & Antivirus Proxy Software
Topic: Bypass blocking rules or Antivirus filters by using HTTP/CONNECT method
Links: Squid-Cache/FAQ, SecurityFocus#4131, SecurityFocus/Info-Finjan, CERT VU#150227, CERT VU#868219
ID: ae-200202-051