RE: Long path exploit on NTFS

[Didier Arenzana <darenzana () yahoo fr>]

Hello,
I've tried the script with virus scan 4.5.0.534, signature file 4.0.4183.

o If VirusShield is active while runing the script, it detects both files
and prevent their generation, but crashes on the second one. However, even
after the crash it's still active. The ceation of viruses is still not
possible, but you are not warned anymore.

o If VirusShield is not active while runing the script, and you scan the
disk afterwards, the first file is detected and removed, the second one is
not, and there is no error message of any kind.

Regards,
Didier.

 --- "Fleming, Diane" <dfleming () fnni com> a écrit : 
> Any information as to whether or not McAfee Virus Scan 4.x has this
> vulnerability?
>
> -----Original Message-----
> From: Frank Heyne [mailto:fh () rcs urz tu-dresden de]
> Sent: Monday, February 04, 2002 1:15 PM
> To: bugtraq () securityfocus com; hans.somers () hccnet nl
> Subject: Re: Long path exploit on NTFS
>
>
> On 4 Feb 2002, at 10:26, Hans Somers wrote:
>
> > Not Vunerable:
> > --------------
> > *1                                          
> >  Sophos Anti-Virus v3.53
>
> This is not true.
>
> According to my own tests, Sophos Anti-Virus v3.53
> is unable to find virii in deeply nested NTFS subdirectories on NT 4.
>
>
>
> Frank Heyne
>
>
>  

___________________________________________________________
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Mail : http://fr.mail.yahoo.fr