Vulnerability Development mailing list archives
Re: Antivirus scanner DoS with zip archives
From: Michel Arboi <arboi () yahoo com>
Date: Tue, 19 Jun 2001 20:53:54 +0200 (CEST)
--- Markus 'FvD' Weber <fvd () ira uka de> a écrit :
There is 42.zip out there, 42K total size, which consists of nested zip's and at the end a 4GB file (IIRC 6 levels deep, each level 17 'wide') ... kills most email virus checker.
I did not know it existed. Altavista found this on http://www.hanau.net/fgk/downloads/42.zip Why is this kind of attack not more common? I suspect that most filters are vulnerable and yet, they are not listed as such (e.g. on securityfocus). And companies continue to use them.
Under Unix ulimit/limit is your best friend ... (for process and file size).
*And* CPU time. What about Windows NT? ___________________________________________________________ Do You Yahoo!? -- Pour faire vos courses sur le Net, Yahoo! Shopping : http://fr.shopping.yahoo.com
Current thread:
- Antivirus scanner DoS with zip archives Michel Arboi (Jun 18)
- RE: Antivirus scanner DoS with zip archives Damage (Jun 18)
- RE: Antivirus scanner DoS with zip archives Michel Arboi (Jun 19)
- Re: Antivirus scanner DoS with zip archives Ron DuFresne (Jun 18)
- Re: Antivirus scanner DoS with zip archives Markus 'FvD' Weber (Jun 19)
- Re: Antivirus scanner DoS with zip archives Michel Arboi (Jun 20)
- Re: Antivirus scanner DoS with zip archives Robert Davidson Security (Jun 21)
- Re: Antivirus scanner DoS with zip archives Aycan Irican (Jun 23)
- Re: Antivirus scanner DoS with zip archives bill_weiss (Jun 24)
- Re: Antivirus scanner DoS with zip archives Aycan Irican (Jun 24)
- Re: Antivirus scanner DoS with zip archives Markus 'FvD' Weber (Jun 19)
- RE: Antivirus scanner DoS with zip archives Damage (Jun 18)
- Re: Bugs in Mac Afee AV? [Re: Antivirus scanner DoS with zip archives] Nicolas Gregoire (Jun 21)