lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040614150555.23070.qmail@web20208.mail.yahoo.com>
From: visitbipin at yahoo.com (bipin gautam)
Subject: Multiple Antivirus Scanners DoS attack

--- Jan Muenther <jan.muenther@...ns.com> wrote:
> > do you have any idea how i created these
> compressed
> > archive??? i didn't modified the header info!!!
> > i created it using dd if=/dev/zero ..............
> 
> Yeah right. I believe the first time I saw this
> reported was like 1998. 
> Why don't you check mailing list archives before
> making such a big fuzz and
> releasing an 'advisory' on this (which doesn't even
> describe the issue)?
> 
well there was ways exploiting the AV software on wild
but... some AV companies ignored? the issue.

I believe for the time being, the full details should
only be reported to AV softwares. This issue had a
detailed discussion on my Winrar advisory,
http://www.securityfocus.com/bid/8572  nine months
ago. [that affected even MAC users]

Latest [unconfirmed] report from some users suggest,
Panda antivirus is also vulnerable to such attacks.

You can get the updates on this issue at.......
http://www.geocities.com/visitbipin/Multiple_AV_DoS.html


--- [Vulnerable Products] ---

       Only tested on...

* Norton Antivirus 2002
* Norton Antivirus 2003
* Mcafee VirusScan 6 
* Network Associates (McAfee) VirusScan Enterprise 7.1
* Rav Antivirus online Scanner [Couldn't complete the
scan...]
* Windows Xp default ZIP manager [report's wrong size
of compress ZIP files.]



There has been multiple reports [Unconfirmed]

*F-Prot 4.4.2 for Linux
*Panda Antivirus

  Are vulnerable.

regards,

bipin




	
		
__________________________________
Do you Yahoo!?
Friends.  Fun.  Try the all-new Yahoo! Messenger.
http://messenger.yahoo.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ