Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.6
CVSSv2

CVE-2017-15643

Published: 19/10/2017 Updated: 14/11/2017
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
CVSS v3 Base Score: 7.4 | Impact Score: 5.9 | Exploitability Score: 1.4
VMScore: 765
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Subscribe to Ikarussecurity

Vulnerability Summary

An active network attacker (MiTM) can achieve remote code execution on a machine that runs IKARUS Anti Virus 2.16.7. IKARUS AV for Windows uses cleartext HTTP for updates along with a CRC32 checksum and an update value for verification of the downloaded files. The attacker first forces the client to initiate an update transaction by modifying an update field within an HTTP 200 response, so that it refers to a nonexistent update. The attacker then modifies the HTTP 404 response so that it specifies a successfully found update, with a Trojan horse executable file (e.g., guardxup.exe) and the correct CRC32 checksum for that file.

Vulnerable Product Search on Vulmon Subscribe to Product

ikarussecurity ikarus antivirus 2.16.7

Exploits

Exploit DB: Ikraus Anti Virus 2.16.7 - Remote Code Execution
## Vulnerability summary The following advisory describes an remote code execution found in Ikraus Anti Virus version 2167 KARUS antivirus “secures your personal data and PC from all kinds of malware Additionally, the Anti-SPAM module protects you from SPAM and malware from e-mails Prevent intrusion and protect yourself against cyber-crimi ...

Github Repositories

https://github.com/rohitjain25/ManInTheMiddleAttack

Pre-Final Year Mini Project on topology for man in the middle attack.

Man In The MiddleAttack Pre-Final Year Mini Project I INTRODUCTION A Man-in-the-Middle attack (MitM) is where a malicious Third party takes control of a communication channel between Two or more endpoints by intercepting and forwarding the Traffic in transit An attacker in the middle has the capability of harming the confidentiality, integrity, and availability of the User&r

References

CWE-444https://www.ikarussecurity.com/about-ikarus/security-blog/vulnerability-in-windows-antivirus-products-ik-sa-2017-0001/https://blogs.securiteam.com/index.php/archives/3485https://nvd.nist.govhttps://github.com/rohitjain25/ManInTheMiddleAttackhttps://www.exploit-db.com/exploits/44055/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661open redirectCVE-2024-25512CVE-2024-33788command injectionSSTICVE-2024-0043CVE-2024-29210CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook