CVE-2008-3447

F-Prot Antivirus 6.2.1 4252 - Denial of Service via Malformed ZIP Archive

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-3447. PoCs published by kokanin.

AI-analyzed exploit summary This exploit demonstrates a denial-of-service (DoS) vulnerability in F-PROT Antivirus version 6.2.1.4252. The scanner enters an infinite loop when processing a specially crafted ZIP file (snot.zip), causing it to hang indefinitely.

Description

The scanning engine in F-Prot Antivirus 6.2.1 4252 allows remote attackers to cause a denial of service (infinite loop) via a malformed ZIP archive, probably related to invalid offsets.

Exploits (1)

exploitdb WORKING POC VERIFIED

by kokanin · textdosmultiple

https://www.exploit-db.com/exploits/6174

View Code ZIP pw:eip

This exploit demonstrates a denial-of-service (DoS) vulnerability in F-PROT Antivirus version 6.2.1.4252. The scanner enters an infinite loop when processing a specially crafted ZIP file (snot.zip), causing it to hang indefinitely.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: F-PROT Antivirus version 6.2.1.4252

No auth needed

Prerequisites: Access to the target system to execute the scanner command · Presence of the malicious ZIP file (snot.zip)

MITRE ATT&CK