Full Disclosure mailing list archives
Re: Multiple Antivirus Scanners DoS attack. [summery]
From: bipin gautam <visitbipin () yahoo com>
Date: Fri, 9 Jul 2004 12:28:36 -0700 (PDT)
--- "Dr. Peter Bieringer" <pbieringer () aerasec de> wrote:
--On Montag, 14. Juni 2004 01:28 -0700 bipin gautam <visitbipin () yahoo com> wrote:Multiple Antivirus Scanners DoS attack.... What's *really* new to
<http://www.aerasec.de/security/advisories/decompression-bomb-vulnerability.html>
? Peter
I had my eye on..... http://www.aerasec.de/security/advisories/decompression-bomb-vulnerability.html#History ---snip---- History of this issue itself * early '90s: ARC/LZH/ZIP/RAR-Bombs were used in DoS of Fidonet systems * 2002-01-01: Paul L. Daniels publishes first version of 'arbomb' (Archive "Bomb" detection utility) * 2003-08-29: Posting by Steve Wray on mailinglist FullDisclosure mentions a bzip2 bomb * 2003-09-01: AERAsec found that some antivirus software is vulnerable against the posted bzip2 bomb * 2004-01-09: Publishing of the advisory bzip2bomb-antivirusengines * 2004-01-15: Investigation of gzip'ed HTML and PNG/GIF bombs * 2004-02-03: Publishing of this advisory ----snip-------- well... my advisory on winrar http://www.securityfocus.com/bid/8572 was published on, 2003-09-9 and was in informal discussion on AV/archive DoS attack in the internet long before this published date.. . but looking at the history in your site........ # 2003-09-01: AERAsec found that some antivirus software is vulnerable against the posted bzip2 bomb # 2004-01-09: Publishing of the advisory bzip2bomb-antivirusengines ------------------- seems like, we were working parallel....... in the nearly same work; right across the globe! The av dos issue have also been addressed in, http://www.securityfocus.com/bid/8572/discussion/ see, your discussion on archive bomb [*.bz2] was published.... very lately in, 2004-01-09: Publishing of the advisory bzip2bomb-antivirusengines (O; well..... see I DIDN'T TAKE ANY REFRENCE TO YOUR ADVISORY...... cauz i knew/discussed about such issue well far back , 2003-09-9 http://www.securityfocus.com/bid/8572 _______________________________________________ When you first published your advisory in 2004 i also thought this same thing,....... What's *really* new to http://www.securityfocus.com/bid/8572 published in 2003 __________________________________ I don't think the AV vendors listened to either of US! until......... this advisory SPECIALLY focused in this topic. It's not necessary... two SQL injection, even while using same parameters can be stated... THEY ARE SAME!!! __________________________________________________ Hay guy, let's focus on the current issue for the time being! Norton Antivirus Remote Denial of service Vulnerability http://www.geocities.com/visitbipin/Nav_dos_part_3.html please test it with other av products as well..., i wonder why isn't there any coments/FINDINGS addressing this current issue or has FD community stopped using NAV. bipin gautam __________________________________ Do you Yahoo!? Yahoo! Mail Address AutoComplete - You start. We finish. http://promotions.yahoo.com/new_mail _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Multiple Antivirus Scanners DoS attack. [summery] Dr. Peter Bieringer (Jul 09)
- Re: Multiple Antivirus Scanners DoS attack. [summery] bipin gautam (Jul 09)
- Re: Multiple Antivirus Scanners DoS attack. [summery] bipin gautam (Jul 09)