Full Disclosure: RE: Multiple AV Vendor Incorrect CRC32 BypassVulnerability.

Full Disclosure mailing list archives

RE: Multiple AV Vendor Incorrect CRC32 BypassVulnerability.

From: bipin gautam <visitbipin () yahoo com>
Date: Thu, 10 Mar 2005 09:43:59 -0800 (PST)

get the new updates at,
http://www.geocities.com/visitbipin/crc.html

strangely, after modifying other general purpose bit
flag in the zip header like,compression method,last
mod file time,last mod file date,file name
length,extra field length... 
[NOT: compressed size, uncompressed size which was
pointed out by iDEFENSE before]         

strangely i found some other AV pron to the BUG.

bipin 

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

By Date By Thread

Current thread:

RE: Multiple AV Vendor Incorrect CRC32 BypassVulnerability. bipin gautam (Mar 10)
- <Possible follow-ups>
- Multiple AV Vendor Incorrect CRC32 BypassVulnerability. Steve Scholz (Mar 11)
- Multiple AV Vendor Incorrect CRC32 BypassVulnerability. Steve Scholz (Mar 11)
- Multiple AV Vendor Incorrect CRC32 BypassVulnerability. Steve Scholz (Mar 11)
  - RE: Multiple AV Vendor Incorrect CRC32BypassVulnerability. David J. Weaver (Mar 11)
- Multiple AV Vendor Incorrect CRC32 BypassVulnerability. Steve Scholz (Mar 11)
- Multiple AV Vendor Incorrect CRC32 BypassVulnerability. Steve Scholz (Mar 11)
- Re: Multiple AV Vendor Incorrect CRC32 BypassVulnerability. bipin gautam (Mar 11)
- RE: Re: Multiple AV Vendor Incorrect CRC32 BypassVulnerability. Steve Scholz (Mar 12)
  - RE: Re: Multiple AV Vendor Incorrect CRC32 BypassVulnerability. bipin gautam (Mar 12)