Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Antivirus/Trojan/Spyware scanners DoS!

From: evilninja <evilninja () gmx net>
Date: Sun, 13 Jun 2004 19:14:42 +0200
bipin gautam wrote:

Hello everybody,

I wounder how many Antivirus/Trojan/Spyware scanners
will choak to death while having a manual scan of
the
file:

http://www.geocities.com/visitbipin/SERVER_dwn.zip

I was woundering, what would be the results if such
file gets stucked in an "AV gateway" (O;
please, report your findings..... 

evil@sheep:~$ clamscan SERVER_dwn.zip
SERVER_dwn.zip: Oversized.Zip FOUND

----------- SCAN SUMMARY -----------
Known viruses: 21904
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 20.13 MB
I/O buffer size: 131072 bytes
Time: 11.167 sec (0 m 11 s)
evil@sheep:~$

from the config of clamav:

ScanArchive
ArchiveMaxRecursion 30
ArchiveMaxFiles 1000
ArchiveMaxFileSize 100M


-> http://clamav.sourceforge.net/

--
BOFH excuse #29:

It works the way the Wang did, what's the problem

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: