Full Disclosure mailing list archives
Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.
From: bipin gautam <visitbipin () yahoo com>
Date: Thu, 10 Mar 2005 03:00:26 -0800 (PST)
--- Frederic Charpentier <fcharpen () xmcopartners com> wrote:
Hi, I saw this behaviour last week with the virus "MyDoom.BE". I use the mail gateway with Clamav/Amavis. Clamav doesn't detect the virus embeded in the zip file (with a crc broken). But, Trendmicro detects it.
That's strange, though i admit... i've shared this
info with very few* trusted security researchers,
since past few months..... though i it find VERY HARD
to believe some, who had access to this info since
past few month were involved in creating, "MyDoom.BE"
(O;
bipin
__________________________________
Do you Yahoo!?
Yahoo! Small Business - Try our new resources site!
http://smallbusiness.yahoo.com/resources/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/
Current thread:
- Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. bipin gautam (Mar 09)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. Frederic Charpentier (Mar 10)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. Dr. Peter Bieringer (Mar 10)
- <Possible follow-ups>
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. bipin gautam (Mar 10)
- RE: Multiple AV Vendor Incorrect CRC32 BypassVulnerability. Randall M (Mar 10)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. bipin gautam (Mar 10)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. Lise Moorveld (Mar 11)
- Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability. bipin gautam (Mar 11)