Full Disclosure mailing list archives
Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.
From: "Lise Moorveld" <lise_moorveld () hotmail com>
Date: Fri, 11 Mar 2005 11:46:16 +0100
Hi,

Well, technically these would be separate vulnerabilities, wouldn't you say? Could you perhaps share a bit more information about which headers work well in circumventing which AV products?
-- Lise
get the new updates at, http://www.geocities.com/visitbipin/crc.html

strangely, after modifying other general purpose bit flag in the zip header like, compression method, last mod file time, last mod file date, file name length, extra field length... [NOT: compressed size, uncompressed size which was pointed out by iDEFENSE before] strangely i found some other AV prone to the BUG.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/
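The header fields named in the quoted text are stored twice in a ZIP archive, once in each member's local file header and once in the central directory, so a scanner or mail gateway can treat any disagreement between the two copies as a reason to quarantine. The following is an added example, not code from this thread or from any AV vendor; the function names are hypothetical, the sample archive is constructed, and non-ZIP64 archives are assumed.

```python
import io
import struct
import zipfile

LOCAL_HDR = struct.Struct("<4s5H3I2H")  # fixed 30-byte local file header

def header_mismatches(data: bytes):
    """Return (member, field, central_value, local_value) for each disagreement."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:  # parses the central directory only
        entries = zf.infolist()
    for zi in entries:
        raw = data[zi.header_offset:zi.header_offset + LOCAL_HDR.size]
        if len(raw) < LOCAL_HDR.size or raw[:4] != b"PK\x03\x04":
            findings.append((zi.filename, "local header signature", b"PK\x03\x04", raw[:4]))
            continue
        _, _, flags, method, ltime, ldate, crc, csize, usize, nlen, _ = LOCAL_HDR.unpack(raw)
        y, mo, d, h, mi, s = zi.date_time
        enc = "utf-8" if zi.flag_bits & 0x800 else "cp437"
        pairs = [
            ("general purpose bit flag", zi.flag_bits, flags),
            ("compression method", zi.compress_type, method),
            ("last mod file time", (h << 11) | (mi << 5) | (s // 2), ltime),
            ("last mod file date", ((y - 1980) << 9) | (mo << 5) | d, ldate),
            ("file name length", len(zi.orig_filename.encode(enc)), nlen),
        ]
        if not flags & 0x08:  # bit 3 set: local CRC/sizes are zero, real values follow the data
            pairs += [("crc-32", zi.CRC, crc),
                      ("compressed size", zi.compress_size, csize),
                      ("uncompressed size", zi.file_size, usize)]
        # Extra field length is not compared: it may legitimately differ between the two headers.
        findings += [(zi.filename, f, c, l) for f, c, l in pairs if c != l]
    return findings

def constructed_samples():
    """Constructed test input: a clean archive and a copy with one local field altered."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(zipfile.ZipInfo("a.txt", date_time=(2005, 3, 11, 11, 46, 16)), b"hello")
    clean = buf.getvalue()
    altered = bytearray(clean)
    struct.pack_into("<H", altered, 8, 8)  # local "compression method" now disagrees
    return clean, bytes(altered)

if __name__ == "__main__":
    for label, blob in zip(("clean", "altered"), constructed_samples()):
        print(label, header_mismatches(blob))
```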
Current thread:
- Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. bipin gautam (Mar 09)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. Frederic Charpentier (Mar 10)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. Dr. Peter Bieringer (Mar 10)
- <Possible follow-ups>
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. bipin gautam (Mar 10)
- RE: Multiple AV Vendor Incorrect CRC32 BypassVulnerability. Randall M (Mar 10)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. bipin gautam (Mar 10)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. Lise Moorveld (Mar 11)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. bipin gautam (Mar 11)