PT-2005-3823 · Ahnlab+1 · Ahnlab V3Net For Windows Server+3

Published

2005-09-19

Updated

2017-07-11

CVE-2005-2986

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions AhnLab V3Pro version 2004 Build 6.0.0.383 AhnLab V3 VirusBlock version 2005 Build 6.0.0.383 AhnLab V3Net for Windows Server version 6.0 Build 6.0.0.383

Description The issue arises from the v3flt2k.sys driver, which fails to properly validate the source of the DeviceIoControl commands. This allows remote attackers to gain privileges.

Recommendations For AhnLab V3Pro version 2004 Build 6.0.0.383, consider disabling the v3flt2k.sys driver until a patch is available. For AhnLab V3 VirusBlock version 2005 Build 6.0.0.383, restrict access to the DeviceIoControl commands to minimize the risk of exploitation. For AhnLab V3Net for Windows Server version 6.0 Build 6.0.0.383, avoid using the DeviceIoControl commands in sensitive operations until the issue is resolved.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-2986

Affected Products

Ahnlab V3 Virusblock

Ahnlab V3Net For Windows Server

Ahnlab V3Pro

Windows Server

PT-2005-3823 · Ahnlab+1 · Ahnlab V3Net For Windows Server+3

CVE-2005-2986

Related Identifiers

Affected Products

References · 6