Vulnerability Development mailing list archives

Re: Antivirus scanner DoS with zip archives

From: Markus 'FvD' Weber <fvd () ira uka de>
Date: Tue, 19 Jun 2001 12:47:12 +0200

There is 42.zip out there, 42K total size, which consists of
nested zip's and at the end a 4GB file (IIRC 6 levels deep,
each level 17 'wide') ... kills most email virus checker.

To protect your self from you email virus gateway crashing,
try to ensure that each single thread which checks an email
has only limited resources. Under Unix ulimit/limit is your
best friend ... (for process and file size). 

Markus

Current thread:

Antivirus scanner DoS with zip archives Michel Arboi (Jun 18)
- RE: Antivirus scanner DoS with zip archives Damage (Jun 18)
  - RE: Antivirus scanner DoS with zip archives Michel Arboi (Jun 19)
- Re: Antivirus scanner DoS with zip archives Ron DuFresne (Jun 18)
  - Re: Antivirus scanner DoS with zip archives Markus 'FvD' Weber (Jun 19)
    - Re: Antivirus scanner DoS with zip archives Michel Arboi (Jun 20)
    - Re: Antivirus scanner DoS with zip archives Robert Davidson Security (Jun 21)
    - Re: Antivirus scanner DoS with zip archives Aycan Irican (Jun 23)
    - Re: Antivirus scanner DoS with zip archives bill_weiss (Jun 24)
    - Re: Antivirus scanner DoS with zip archives Aycan Irican (Jun 24)
  - Re: Antivirus scanner DoS with zip archives Michel Arboi (Jun 19)
  - Re: Antivirus scanner DoS with zip archives Michel Arboi (Jun 21)
- Re: Antivirus scanner DoS with zip archives Nexus (Jun 18)
- Re: Antivirus scanner DoS with zip archives teo (Jun 20)
- Bugs in Mac Afee AV? [Re: Antivirus scanner DoS with zip archives] Michel Arboi (Jun 20)

(Thread continues...)