In association with heise online

16 May 2008, 11:29

F-Secure issues Linux Security 7.00 warning

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

F-Secure's Linux Security 7.00 Linux virus scanner contains a critical flaw which may cause it to delete directories on a computer. F-Secure warns that the software with the Client Edition keycode should not be used, and has initiated a product recall. An entry in F-Secure's Linux blog explains that slip-ups in quality control allowed a flaw to slip though the net which makes the scanner delete the /var directory and any contained subdirectories when the tool is operating in client mode.

Users of the software can apparently check whether their installation is affected by checking the scanner's log file for certain entries. If the

grep "Device or resource busy" /var/opt/f-secure/fssp/dbupdate.log

command returns one or more lines this may indicate that directories have accidentally been deleted, explains F-Secure. This can only be resolved by restoring from a backup.

F-Secure advises users to uninstall the software immediately from systems which run the scanner using the Client keycode. The vendor plans to fix the flaw in version 7.01 of Linux Security to be released in the next few days.

See also:

(mba)

Print Version | Send by email | Permalink: http://h-online.com/-735227
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit