Bugtraq mailing list archives
Re: Multiple Antivirus Scanners DoS attack.
From: "Ethy H. Brito" <ethy () inexo com br>
Date: Mon, 14 Jun 2004 14:48:09 -0300
On Mon, 14 Jun 2004 14:38:50 +0000 "bipin gautam" <visitbipin () hotmail com> wrote:
Multiple Antivirus Scanners DoS attack. --- [Vulnerable Products] --- Only tested on... * Norton Antivirus 2002 * Norton Antivirus 2003 * Mcafee VirusScan 6 * Network Associates (McAfee) VirusScan Enterprise 7.1 * Windows Xp default ZIP manager [report's wrong size of compress ZIP files.]
Linux uvscan scan engine 4.3.20 (MacAfee) is also vulnerable. uvscan takes all CPU and lots of memory been only killed with signal 9 from another terminal. from 'top': PID USER PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME CPU COMMAND 1306 nobody 15 0 22744 21M 1648 R 97.4 35.6 0:44 0 uvscan nobody@babalu:/usr/local/uvscan# ./uvscan -v -r --analyze --unzip BlackHole.zip Scanning BlackHole.zip Scanning file BlackHole.zip Scanning file BlackHole.zip/~.BZ2 ..... stalls here ..... -- Ethy H. Brito /"\ InterNexo Ltda. \ / CAMPANHA DA FITA ASCII - CONTRA MAIL HTML +55 (12) 3941-6860 X ASCII RIBBON CAMPAIGN - AGAINST HTML MAIL S.J.Campos - Brasil / \
Current thread:
- Multiple Antivirus Scanners DoS attack. bipin gautam (Jun 14)
- Re: Multiple Antivirus Scanners DoS attack. Ethy H. Brito (Jun 14)
- Re: Multiple Antivirus Scanners DoS attack. Yosif Sleman (Jun 21)
- Re: Multiple Antivirus Scanners DoS attack. Tucker (Jun 16)
- Re: Multiple Antivirus Scanners DoS attack. Jacek Osiecki (Jun 18)
- Re: Multiple Antivirus Scanners DoS attack. Jason Haar (Jun 21)
- Re: Multiple Antivirus Scanners DoS attack. Jacek Osiecki (Jun 18)
- <Possible follow-ups>
- RE: Multiple Antivirus Scanners DoS attack. Messer, Jon (Jun 15)
- RE: Multiple Antivirus Scanners DoS attack. Bo Rasmussen (Jun 15)
- RE: Multiple Antivirus Scanners DoS attack. Brian Christmas (Jun 16)
- Re: Multiple Antivirus Scanners DoS attack. jspanitz (Jun 16)
- Re: Multiple Antivirus Scanners DoS attack. Ethy H. Brito (Jun 14)