.R4L - n.runs Infinite Antivirus Posting Vulnerabilities

["Just1n T1mberlake" <hotpackets () hellokitty com>]

[.r4l vulnerability release 200708280002 07-28-01]

.r4l crew has discovered n.runs infinite antivirus posting vulnerabilities

n.runs delivers solutions based on our clients´ requirements as specified by the client. This not only fulfills the 
expectations of the clients, but in most cases far exceeds what was anticipated. n.runs have two fully massive fists 
right up their ringers hey. With this in mind, we have formed individual consulting teams, who are trained and 
specialized in the conception of solutions in the areas of our technical consulting services. A large investment of 
time and money has been placed into these teams to develop solutions which can then completely be adapted to fit 
specific client requirements.

--[ Vulnerabilities ]--

1. n.runs AG has been found to post repeatedly to Internet mailing lists with details about Anti-Virus products.

2. Most of these vulnerabilities relate to inappropriate expansion of old archive files.

--[ Recommendation ]--

n.runs AG begin using newer archive formats. Older archive formats are known to have vulnerabilities and are not 
recommended for use.

--[ Vendor Response ]--

n.runs - We will stop using .lha however .arc is still widely in use within our office. No patches will be provided.

--[ Credits ]--

Thanks to the following
knuckles
sloppy


-- 
_______________________________________________
Get a free @hellokitty.com, @mymelody.com, or @kuririnmail.com email account
today at www.sanriotown.com, and enjoy 500MB of storage!
Check out our official blog @ http://blog.hellokitty.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/