Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Long path exploit on NTFS
From: "Christophe Bousquet" <c.bousquet () adilinstruments com>
Date: Wed, 6 Feb 2002 07:52:47 +0100

Actually, you don't have to deal with long path name.

Here's a little experiment I've just done :
- a file with something that triggers my MacAfee VirusScan NT, put it in
    folder "Hello". Start scan : no problem, VirusScan warns me about
    the dangerous thing.
- same file, in folder called "nihongo", but labeled using japanese
    characters i.e. a folder with a unicode name. Start scan : nothing!
    No warning, because (i guess) no scan at all.

As Mr LeBlanc said, the problem here is those so-called NT version that
don't know what NT is.

Experiment done with VirusScan Engine 4.1.60, datfile 4.0.4183 on my
english NT 4.0 SP6+SRP+.. The bait I use is cdc's back orifice in a zip.

And for the little history, I don't blame MacAfee more than almost any
other app. I really hate it when xxxAmp can't play my jpop mp3, when
xxxCDCreator can't backup my folders on CD-R, etc...

Best regards

** speaking for myself and *not* for my employer. **

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]