PT-2005-3558 · Hauri · Virobot Expert+3

Published 2005-08-23 · Updated 2008-09-05 · CVE-2005-2670

CVSS v2.0: 5.0 Medium

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

HAURI Anti-Virus products including ViRobot Expert version 4.0
HAURI Anti-Virus products including Advanced Server (affected versions not specified)
HAURI Anti-Virus products including Linux Server version 2.0
HAURI Anti-Virus products including LiveCall (affected versions not specified)

Description

The issue allows remote attackers to overwrite arbitrary files via ".." sequences in filenames contained in various archive file types, including ACE, ARJ, CAB, LZH, RAR, TAR, and ZIP files.

Recommendations

For ViRobot Expert version 4.0, update to a version that includes a fix for the directory traversal issue.
For Advanced Server, apply the necessary configuration changes or patches as recommended by the vendor to address the issue.
For Linux Server version 2.0, restrict access to archive files until a patch is available.
For LiveCall, avoid processing archive files with ".." sequences in filenames until the issue is resolved.
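
One way to screen archives for the ".." member names described above before handing them to a scanner or extractor. This is an added example, not code from the advisory or the vendor; it covers only ZIP and TAR (the formats Python's standard library reads), and all function names and sample archives are constructed for illustration.

```python
import io
import tarfile
import zipfile


def is_unsafe_member(name: str) -> bool:
    """True if a member name could resolve outside the extraction root."""
    norm = name.replace("\\", "/")  # Windows-built archives may use backslashes
    if norm.startswith("/") or (len(norm) > 1 and norm[1] == ":"):
        return True  # absolute path or drive-letter style path (conservative)
    return ".." in norm.split("/")  # any parent-directory component


def member_names(data: bytes) -> list[str]:
    """Member names of an in-memory ZIP or TAR archive, exactly as stored."""
    buf = io.BytesIO(data)
    if zipfile.is_zipfile(buf):
        buf.seek(0)
        with zipfile.ZipFile(buf) as zf:
            return zf.namelist()
    buf.seek(0)
    with tarfile.open(fileobj=buf) as tf:
        return tf.getnames()


def traversal_members(data: bytes) -> list[str]:
    """Names that should cause the archive to be rejected or quarantined."""
    return [n for n in member_names(data) if is_unsafe_member(n)]


def build_sample_zip() -> bytes:
    """Constructed sample: one benign entry, one with '..' components."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "ok")
        zf.writestr("../../outside.txt", "constructed")
    return buf.getvalue()


def build_sample_tar() -> bytes:
    """Constructed sample: '..' hidden in the middle of a path."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name in ("logs/a.log", "logs/../../b.log"):
            tf.addfile(tarfile.TarInfo(name))  # empty regular files
    return buf.getvalue()
```

The check is deliberately strict: it flags any ".." path component, even one that would normalise to a location inside the extraction directory.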


Related Identifiers

CVE-2005-2670

Affected Products

Advanced Server
Linux-Vserver
Livecall
Virobot Expert