Re: [Full-Disclosure] Multiple Antivirus Scanners DoS attack
From: bipin gautam (visitbipin_at_yahoo.com)
Date: 06/14/04
- Previous message: Jan Muenther: "Re: [Full-Disclosure] Multiple Antivirus Scanners DoS attack. [summery]"
- In reply to: Jan Muenther: "Re: [Full-Disclosure] Multiple Antivirus Scanners DoS attack. [summery]"
- Next in thread: Jim Krok: "Re: [Full-Disclosure] Multiple Antivirus Scanners DoS attack. [summery]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: full-disclosure@lists.netsys.com Date: Mon, 14 Jun 2004 08:05:55 -0700 (PDT)
--- Jan Muenther <jan.muenther@nruns.com> wrote:
> > do you have any idea how i created these
> compressed
> > archive??? i didn't modified the header info!!!
> > i created it using dd if=/dev/zero ..............
>
> Yeah right. I believe the first time I saw this
> reported was like 1998.
> Why don't you check mailing list archives before
> making such a big fuzz and
> releasing an 'advisory' on this (which doesn't even
> describe the issue)?
>
well there was ways exploiting the AV software on wild
but... some AV companies ignored? the issue.
I believe for the time being, the full details should
only be reported to AV softwares. This issue had a
detailed discussion on my Winrar advisory,
http://www.securityfocus.com/bid/8572 nine months
ago. [that affected even MAC users]
Latest [unconfirmed] report from some users suggest,
Panda antivirus is also vulnerable to such attacks.
You can get the updates on this issue at.......
http://www.geocities.com/visitbipin/Multiple_AV_DoS.html
--- [Vulnerable Products] ---
Only tested on...
* Norton Antivirus 2002
* Norton Antivirus 2003
* Mcafee VirusScan 6
* Network Associates (McAfee) VirusScan Enterprise 7.1
* Rav Antivirus online Scanner [Couldn't complete the
scan...]
* Windows Xp default ZIP manager [report's wrong size
of compress ZIP files.]
There has been multiple reports [Unconfirmed]
*F-Prot 4.4.2 for Linux
*Panda Antivirus
Are vulnerable.
regards,
bipin
__________________________________
Do you Yahoo!?
Friends. Fun. Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Jan Muenther: "Re: [Full-Disclosure] Multiple Antivirus Scanners DoS attack. [summery]"
- In reply to: Jan Muenther: "Re: [Full-Disclosure] Multiple Antivirus Scanners DoS attack. [summery]"
- Next in thread: Jim Krok: "Re: [Full-Disclosure] Multiple Antivirus Scanners DoS attack. [summery]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
