Bugtraq mailing list archives
RE: Long path exploit on NTFS
From: "andy " <andy () selekta com>
Date: Thu, 7 Feb 2002 09:53:47 -0500
Trend OfficeScan Corporate Edition Program Version: 3.54 VSApiNT Version: 5.630-1025 TMFilter Version: 5.630.0.1004 Virus Pattern File #: 220 Tested vulnerable to deeply nested directories. Payload used: netbus.zip Full directory path: C:\temp\1234567890\1234567890\1234567890 \1234567890\1234567890\1234567890\1234567890\1234567890\1234567890 \1234567890\1234567890\1234567890\1234567890\1234567890\1234567890 \1234567890\1234567890\1234567890\1234567890\1234567890 \123456789012345678\ When the same file was saved to c:\temp, Officescan picked it up right away. Andy Nowakowski
No, Mcafee 4.5.1 (scan engine 4.1.60, DAT 4.0.4184) is not
vulnberable. Both
realtime scan, and manual scan worked on the deeply nested
directories.
-----Original Message----- From: Fleming, Diane [mailto:dfleming () fnni com] Sent: Tuesday, 5 February 2002 11:50 To: 'fh () rcs urz tu-dresden de'; bugtraq () securityfocus com; hans.somers () hccnet nl Subject: RE: Long path exploit on NTFS Any information as to whether or not McAfee Virus Scan 4.x has
this
vulnerability? -----Original Message----- From: Frank Heyne [mailto:fh () rcs urz tu-dresden de] Sent: Monday, February 04, 2002 1:15 PM To: bugtraq () securityfocus com; hans.somers () hccnet nl Subject: Re: Long path exploit on NTFS On 4 Feb 2002, at 10:26, Hans Somers wrote:Not Vunerable: -------------- *1 Sophos Anti-Virus v3.53This is not true. According to my own tests, Sophos Anti-Virus v3.53 is unable to find virii in deeply nested NTFS subdirectories on
NT 4.
Frank Heyne ================================================================== De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is uitsluitend bestemd voor de geadresseerde. Indien u dit
bericht
onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken
en
de afzender direct te informeren door het bericht te retourneren. ================================================================== The information contained in this message may be confidential and is intended to be exclusively for the addressee. Should you receive this message unintentionally, please do not use the
contents
herein and notify the sender immediately by return e-mail. ==================================================================
________________________________________________________________ selekta.com
Current thread:
- Re: Long path exploit on NTFS, (continued)
- Re: Long path exploit on NTFS Frank Heyne (Feb 04)
- RE: Long path exploit on NTFS Fleming, Diane (Feb 04)
- RE: Long path exploit on NTFS Didier Arenzana (Feb 06)
- RE: Long path exploit on NTFS David Sexton (Feb 06)
- Re: Long path exploit on NTFS Christophe Bousquet (Feb 06)
- RE: Long path exploit on NTFS Uidam, T (Tim) (Feb 06)
- RE: Long path exploit on NTFS Elan Hasson (Feb 08)
- RE: Long path exploit on NTFS David Korn (Feb 07)
- RE: Long path exploit on NTFS Frank Heyne (Feb 08)
- Long Path Exploit on NTFS Mark Ng (Feb 07)
- RE: Long path exploit on NTFS andy (Feb 08)