Full Disclosure mailing list archives
RE: Multiple AV Vendor Incorrect CRC32 BypassVulnerability.
From: "Randall M" <randallm () fidmail com>
Date: Thu, 10 Mar 2005 06:06:09 -0600
.
-----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of bipin gautam Sent: Thursday, March 10, 2005 5:00 AM To: full-disclosure () lists grok org uk; vuln () secunia com Subject: Re: [Full-disclosure] Multiple AV Vendor Incorrect CRC32 BypassVulnerability. --- Frederic Charpentier <fcharpen () xmcopartners com> wrote:
Hi, I saw this behaviour last week with the virus "MyDoom.BE". I use the mail gateway with Clamav/Amavis. Clamav doesn't detect the virus embeded in the zip file (with a crc broken). But, Trendmicro detects it.
That's strange, though i admit... i've shared this info with very few* trusted security researchers, since past few months..... though i it find VERY HARD to believe some, who had access to this info since past few month were involved in creating, "MyDoom.BE" (O; Bipin
.
I'm going take a guess that they haven't "lost faith in responsible disclosure..." as you did per your public disclosure to the lists. If someone leaked this I'm glad for that. The last thing I need this morning is infected machines all over the place PLUS the "I can't find my folders" to IT helpdesk. RandallM _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. bipin gautam (Mar 09)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. Frederic Charpentier (Mar 10)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. Dr. Peter Bieringer (Mar 10)
- <Possible follow-ups>
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. bipin gautam (Mar 10)
- RE: Multiple AV Vendor Incorrect CRC32 BypassVulnerability. Randall M (Mar 10)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. bipin gautam (Mar 10)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. Lise Moorveld (Mar 11)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. bipin gautam (Mar 11)