Full Disclosure mailing list archives
Re: [ GLSA 200501-46 ] ClamAV: Multiple issues
From: Trog <trog () uncon org>
Date: Tue, 01 Feb 2005 09:09:18 +0000
On Mon, 2005-01-31 at 20:41 +0100, Sune Kloppenborg Jeppesen wrote:
By sending a base64 encoded image file in a URL an attacker could evade virus scanning.
It's somewhat harsh to single out ClamAV for this issue. AFAICT, the only two virus scanners that do currently protect against this are ClamAV and AntiVir. According to current testing, all the others, including: AVG Avast BitDefender DrWeb eTrust-Iris eTrust-Vet F-Prot F-Secure Kaspersky mks_vir NOD32 Norman Virus Control Panda8 Sophos Sybari Symantec do not offer protection against this issue. If anyone sees any errors in the list above, please let me know -trog
Attachment:
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: [ GLSA 200501-46 ] ClamAV: Multiple issues Trog (Feb 01)
- Message not available
- Re: [ GLSA 200501-46 ] ClamAV: Multiple issues Darren Bounds (Feb 02)
- Message not available