CVE-2005-3381

Name of the Vulnerable Software and Affected Versions Ukrainian National Antivirus (UNA) version 1.83.2.16 with kernel 265

Description The issue allows remote attackers to bypass virus scanning by using files with an "MZ" magic byte sequence, which is normally associated with EXE files, but can be used in other file types such as BAT, HTML, and EML. This causes the file to be treated as a safe type, even though it could still be executed as a dangerous file type by applications on the end system. An example of this is a "triple headed" program that contains EXE, EML, and HTML content.

Recommendations For Ukrainian National Antivirus (UNA) version 1.83.2.16 with kernel 265, consider updating to a newer version that addresses the "magic byte bug" to prevent remote attackers from bypassing virus scanning. As a temporary workaround, consider enhancing the scanning functionality to inspect files more thoroughly, regardless of their apparent type, to minimize the risk of exploitation.