Re: [Full-Disclosure] Antivirus/Trojan/Spyware scanners DoS!

From: bipin gautam (visitbipin_at_yahoo.com)
Date: 06/14/04

    To: full-disclosure@lists.netsys.com
    Date: Mon, 14 Jun 2004 00:13:26 -0700 (PDT)
    
    

    --- npguy <npguy@websurfer.com.np> wrote:
    > This comes when extracting module doesn't verify the
    > integrity of headers. The
    > similar types of breaches were found in WinRAR. The
    > quick
    > approach to resolve is to verify the actual physical
    > size of the compressed
    > file against the headers info. WinRAR now takes
    > similar approach.

    Yap, my winrar advisory dates back to,
    Sep 9 2003,
    http://www.securityfocus.com/bid/8572/discussion/
     http://www.geocities.com/visitbipin

    It has been 9 months, still... the AV companies that
    call themselves the world's best [McAfee, Symantec...etc]
    seem to have problems coding the program logic. Is it
    like, NAV isn't immune from this bug so BUGTRAQ guys
    are having hesitation posting this advisory?

    ------------[snip]-----------------
    * WinXP default zip manager just reports the 12 Gb zip
    file to be 121 Mb!???
    * WinRAR [3.20] can show the size of .bz2 files and
    WinRAR just reports bipin.zip is 128 Mb but it starts
    filling up the hdd to 12 Gb if you try to extract the
    file.
    * If we try to extract the 12 Gb [Standalone] file in
    Fat32, it tries to extract the 12 Gb file and terminates
    extraction after 4 Gb [fat32 limit]. I wonder why, in
    the 1st place, would WinRAR allow to extract a 4+ Gb
    [single] file in Fat32.
    -------------[snip]-----------------

    bipin gautam

            
                    

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
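
The header check discussed in this message, as an added example that is not part of the original post or of any product named in it: a scanner-side audit that inflates each ZIP member in bounded chunks and compares the measured size with the size the header declares. It goes beyond the thread by also enforcing an output budget; the function names, the 16 MiB default budget and the sample archive are assumptions constructed for this example.

```python
import io
import struct
import zipfile
import zlib

CHUNK = 64 * 1024  # assumed chunk size: at most this much output held at once

def inflate_bounded(raw, limit):
    """Inflate a raw deflate stream, stopping once output exceeds `limit` bytes."""
    d, total, buf = zlib.decompressobj(-15), 0, raw
    while not d.eof:
        out = d.decompress(buf, CHUNK)
        buf = d.unconsumed_tail
        total += len(out)
        if total > limit or (not out and not buf):
            break  # over budget, or the stream is truncated
    return total

def audit_zip(blob, limit=16 * 1024 * 1024):
    """Return {name: (declared, measured, verdict)} for each deflated member."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.compress_type != zipfile.ZIP_DEFLATED:
                continue
            # Local header: 30 fixed bytes, then file name and extra field.
            nlen, xlen = struct.unpack_from("<HH", blob, info.header_offset + 26)
            start = info.header_offset + 30 + nlen + xlen
            measured = inflate_bounded(blob[start:start + info.compress_size], limit)
            if measured > limit:
                verdict = "over-budget"      # measured is only a lower bound here
            elif measured != info.file_size:
                verdict = "header-mismatch"  # declared size does not match the data
            else:
                verdict = "ok"
            report[info.filename] = (info.file_size, measured, verdict)
    return report

def constructed_sample(real_size, declared_size):
    """Constructed test archive: zeros, with the central-directory size patched."""
    mem = io.BytesIO()
    with zipfile.ZipFile(mem, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("sample.bin", bytes(real_size))
    blob = bytearray(mem.getvalue())
    cd = blob.rfind(b"PK\x01\x02")  # the single central directory entry
    struct.pack_into("<I", blob, cd + 24, declared_size)  # uncompressed-size field
    return bytes(blob)
```

Nothing is written to disk during the audit, so an archive can be rejected on either verdict before any extraction starts.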

