Bugtraq mailing list archives
Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues
From: exon <exon () home se>
Date: Wed, 02 Feb 2005 20:17:46 +0100
Trog wrote:
On Tue, 2005-02-01 at 14:41 -0800, Dack wrote:By sending a base64 encoded image file in a URL an attacker could evade virus scanning.It's somewhat harsh to single out ClamAV for this issue. AFAICT, the only two virus scanners that do currently protect against this areWhat mail clients, if any, would execute a virus encoded in this manner? Is this a gaping hole in other mail anti-virus systems, or do most clients just ignore this kind of data?I really haven't tested mail clients, but Thunderbird would be the most likely.
Nopes. Thunderbird, being a client designed to run under a plethora of platforms, doesn't bother with executing code at all unless explicitly asked to. In my opinion that's one of its greatest feature.
Current thread:
- Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues Trog (Feb 01)
- Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues Dack (Feb 01)
- Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues Darren Bounds (Feb 02)
- Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues Trog (Feb 02)
- Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues exon (Feb 02)
- Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues Dack (Feb 01)