[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: 3 Mar 2006 20:59:58 -0000
From: Michael.Lang@...kal-net.at
To: bugtraq@...urityfocus.com
Subject: Kaspersky Memory/CPU Usage Leak by design
Hi,
i've recently discovered a design problem in Kaspersky AV Scanner. Original seen on FileScanner for Unix 5.0.5 the Problematic files are also screewing up the latest 5.5.3 Version.
AS i didnt find an offical way to deploy this at Kaspersky i hope someone from them will read this
and contact me to get a POC.
Therefore not all details will be shown here to avoid massive attacks.
The file(s) are 1.6M of size and dont contain suspicous content.
calling 3 kavscanner instances already renders a P4 2.4Ghz Machine with 512Mb Ram useless after a few seconds.
A POC flashcapture is located at http://www.jackal-net.at/KasperskyLeakPOC.swf
did anyone else encountered a similar problem ?
ClamAV works fine on the same Files.
Kind Regards
Michael Lang
Powered by blists - more mailing lists