Home page logo

bugtraq logo Bugtraq mailing list archives

RE: Long path exploit on NTFS
From: "andy " <andy () selekta com>
Date: Thu, 7 Feb 2002 09:53:47 -0500

Trend OfficeScan Corporate Edition
Program Version: 3.54
VSApiNT Version: 5.630-1025
TMFilter Version: 5.630.0.1004
Virus Pattern File #: 220

Tested vulnerable to deeply nested directories.

Payload used: netbus.zip

Full directory path: C:\temp\1234567890\1234567890\1234567890

When the same file was saved to c:\temp, Officescan picked it up 
right away. 

Andy Nowakowski

No, Mcafee 4.5.1 (scan engine 4.1.60, DAT 4.0.4184) is not 
vulnberable. Both
realtime scan, and manual scan worked on the deeply nested 

-----Original Message-----
From: Fleming, Diane [mailto:dfleming () fnni com] 
Sent: Tuesday, 5 February 2002 11:50
To: 'fh () rcs urz tu-dresden de'; bugtraq () securityfocus com;
hans.somers () hccnet nl
Subject: RE: Long path exploit on NTFS

Any information as to whether or not McAfee Virus Scan 4.x has 

-----Original Message-----
From: Frank Heyne [mailto:fh () rcs urz tu-dresden de]
Sent: Monday, February 04, 2002 1:15 PM
To: bugtraq () securityfocus com; hans.somers () hccnet nl
Subject: Re: Long path exploit on NTFS

On 4 Feb 2002, at 10:26, Hans Somers wrote:

Not Vunerable:
 Sophos Anti-Virus v3.53

This is not true.

According to my own tests, Sophos Anti-Virus v3.53
is unable to find virii in deeply nested NTFS subdirectories on 
NT 4.

Frank Heyne

De informatie opgenomen in dit bericht kan vertrouwelijk zijn en 
is uitsluitend bestemd voor de geadresseerde. Indien u dit 
onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken 
de afzender direct te informeren door het bericht te retourneren. 
The information contained in this message may be confidential 
and is intended to be exclusively for the addressee. Should you 
receive this message unintentionally, please do not use the 
herein and notify the sender immediately by return e-mail.





  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]