Full Disclosure mailing list archives
Re: Av issues
From: Thierry Zoller <Thierry () sniff-em com>
Date: Tue, 15 Mar 2005 21:56:43 +0100
Dear list, Interesing findings: Different results with different variants ------------------------------------------------ visitbipin () yahoo com posted this POC (over FD) http://www.geocities.com/visitbipin/test_nav.zip AntiVir : Eicar-Test-Signature Avast : EICAR Test-NOT!! AVG Antivirus : EICAR_Test BitDefender : EICAR-Test-File ClamAV : No viruses found Dr.Web : EICAR Test File F-Prot Antivirus : No viruses found Fortinet : No viruses found Kaspersky Anti-Virus : EICAR-Test-File mks_vir : Eicar.Test (probable variant) NOD32 : No viruses found Norman Virus Control : No viruses found --------------------------------------------------- visitbipin () hotmail com posted this POC http://www.geocities.com/visitbipin/gpbf.zip AntiVir : No viruses found Avast : EICAR Test-NOT!! AVG Antivirus : EICAR_Test BitDefender : EICAR-Test-File (not a virus) ClamAV : Eicar-Test-Signature Dr.Web : EICAR Test File (NOT a Virus!) F-Prot Antivirus : No viruses found Fortinet : EICAR_TEST_FILE Kaspersky Anti-Virus : No viruses found mks_vir : No viruses found NOD32 : Eicar test file Norman Virus Control : No viruses found Interesting note: Kaspersky detects only 1 out of 2 variants AntiVir detects only 1 out of 2 variants ClamAV detects only 1 out of 2 variants mks_vir detects only 1 out of 2 variants Fortinet detects only 1 out of 2 variants NOD32 detects only 1 out of 2 variants FPROT detects 0 out of 2 variants Norman Virus Control detects 0 out of 2 variants -- Thierry Zoller mailto:Thierry () sniff-em com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning bipin gautam (Mar 15)
- Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning bipin gautam (Mar 15)
- Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning Dr. Peter Bieringer (Mar 15)
- Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning Rodrigo Barbosa (Mar 15)
- Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning Nigel Horne (Mar 15)
- Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning Rodrigo Barbosa (Mar 15)
- Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning Tomasz Papszun (Mar 17)
- Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning Dr. Peter Bieringer (Mar 15)
- Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning bipin gautam (Mar 15)
- RE: Unfiltered escape sequences in filenamescontained in ZIP archives wouldn't be escaped on displaying orlogging, and can also lead to bypass AV scanning Debasis Mohanty (Mar 15)
- Re: Av issues Thierry Zoller (Mar 15)
- Re: Av issues bipin gautam (Mar 16)
- RE: Re: Av issues Sean Crawford (Mar 16)
- RE: Re: Av issues bipin gautam (Mar 16)
- Re: Re: Av issues Thierry Zoller (Mar 16)