Home page logo

bugtraq logo Bugtraq mailing list archives

RE: Long path exploit on NTFS
From: Didier Arenzana <darenzana () yahoo fr>
Date: Tue, 5 Feb 2002 09:59:14 +0100 (CET)

I've tried the script with virus scan, signature file 4.0.4183.

o If VirusShield is active while runing the script, it detects both files
and prevent their generation, but crashes on the second one. However, even
after the crash it's still active. The ceation of viruses is still not
possible, but you are not warned anymore.

o If VirusShield is not active while runing the script, and you scan the
disk afterwards, the first file is detected and removed, the second one is
not, and there is no error message of any kind.


 --- "Fleming, Diane" <dfleming () fnni com> a écrit : 
Any information as to whether or not McAfee Virus Scan 4.x has this

-----Original Message-----
From: Frank Heyne [mailto:fh () rcs urz tu-dresden de]
Sent: Monday, February 04, 2002 1:15 PM
To: bugtraq () securityfocus com; hans.somers () hccnet nl
Subject: Re: Long path exploit on NTFS

On 4 Feb 2002, at 10:26, Hans Somers wrote:

Not Vunerable:
 Sophos Anti-Virus v3.53

This is not true.

According to my own tests, Sophos Anti-Virus v3.53
is unable to find virii in deeply nested NTFS subdirectories on NT 4.

Frank Heyne


Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Mail : http://fr.mail.yahoo.fr

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]