lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: visitbipin at (bipin gautam)
Subject: Antivirus/Trojan/Spyware scanners DoS!

--- npguy <> wrote:
> This comes when extracting module doesn't verify the
> intgerity of headers. The 
> similar types of breaches were found in WinRAR. The
> quick
> approach to resolve is to verify the actual physical
> size of the compressed 
> file against the headers info. WinRAR now takes
> similar approach.  

Yap, my winrar advisory dates back to,
Sep 9 2003,

It has been 9 months, still... the AV companies that
call itself the worlds best [Macfee, symantec...etc]
seem to have problem coding the program logics. Is it
like, NAV isn't immune from this bug so BUGTRAQ guys
are having hegitation posting this agvisory?

* Winxp default zip manager just report the 12Gb zip
file to be 121 Mb!???
* Winrar [3.20] can show the size of .bz2 files and
winrar just report is 128 Mb but it start
filling up the hdd. to 12 Gb if you try to extract the
*If we try to extract the 12 Gb [Standalone] file in
Fat32 tries to extract the 12 Gb file and terminate
extraction after 4Gb [fat32 limit] I wounder, why in
the 1'st place would Winrar allow to extract a 4+ Gb
[single] file in Fat 32.

bipin gautam

Do you Yahoo!?
Friends.  Fun.  Try the all-new Yahoo! Messenger. 

Powered by blists - more mailing lists