Report: PC Tools Spyware Doctor v6.0 flaw
Set 7, 2008
-- Affected Vendors:
-- Affected Products:
Spyware Doctor v6.0
-- Download at:
-- Vulnerability Details:
A flaw exists in PC Tools Spyware Doctor while deleting a particular
Backdoor. The mechanism used to clean an infected machine will crash
the machine. (Blue Screen of Death might appear)
-- Step by Step
1) Instaled Windows XP.
2) Created the trojan (with ejection in IE) with the client.
3) Executed the trojan.
6) Instaled PC Tools Firewall Plus 4.0 and made a reboot.
4) Instaled Spyware Doctor 6.0
5) Run the Smart Update and downloaded 26 signature database files (35MB)
6) Spyware Doctor automaticaly runs a scan and finds Backdoor.Beastdoor.
8) Tried to remove the backdoor. The system crashed and made a reboot.
9) Tried to remove the backdoor several times and the result was the
same, a system crash.
10) Entered in safe boot, made a scan and i was able to delete it.
-- Dificulty Level:
High, it only happen as far as i know we one Backdoor.
-- Disclosure Timeline:
2008-07-29 - Published
2008-09-07 - Disclosed
Fabio Pinheiro at http://dicas3000.blogspot.com