Wakko Warner wrote:
>>Although there was recently a bug found that if the header of a zip file
>>was altered to report the size of a file to be 0 bytes many scanners
>>would skip over the file assuming it to be safe. I wonder if the same
>>trick could be played to make the compression ratio look lower than it
>>actually is...
>
>
> Do you have any examples of a file like this?
>
Which one?

http://www.testvirus.org/ has a sample 0 byte forged .zip file on test #27. But it doesn't make it past ClamAV 0.80, so I don't actually have a sample.

As for the compression ratio theory, it was just something I was wondering about, of which I haven't seen a proof of concept.
--
Chris
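
Added example, not part of the original message and not any scanner's actual code: a scanner-side check covering both cases raised in the thread, a forged 0-byte size and an understated compression ratio, by inflating each member and comparing the real length with the size declared in the headers. The names `audit_zip`, `build_samples` and `MAX_OUT` are hypothetical, the sample archives are constructed in memory, and only single-disk, non-ZIP64, unencrypted archives are assumed.

```python
import io, struct, zipfile, zlib

MAX_OUT = 64 * 1024 * 1024  # cap on inflated bytes per member (bomb guard)

def audit_zip(blob):
    """Return (name, central_size, local_size, actual_size) for each member
    whose declared uncompressed size differs from what really inflates."""
    eocd = blob.rfind(b"PK\x05\x06")
    if eocd < 0:
        raise ValueError("no end-of-central-directory record")
    count, _cd_size, cd_off = struct.unpack_from("<HII", blob, eocd + 10)
    findings, pos = [], cd_off
    for _ in range(count):
        (_sig, _vm, _vn, flags, method, _t, _d, _crc, csize, usize, nlen, elen,
         clen, _disk, _ia, _ea, lho) = struct.unpack_from("<4s6H3I5H2I", blob, pos)
        name = blob[pos + 46:pos + 46 + nlen].decode("utf-8", "replace")
        pos += 46 + nlen + elen + clen
        l_usize, l_nlen, l_elen = struct.unpack_from("<IHH", blob, lho + 22)
        if flags & 0x08:          # data descriptor in use: local sizes are 0 by design
            l_usize = usize
        start = lho + 30 + l_nlen + l_elen
        if method == 8:           # deflate: inflate and count, ignoring declared sizes
            try:
                actual = len(zlib.decompressobj(-15).decompress(blob[start:cd_off], MAX_OUT))
            except zlib.error:
                actual = -1       # undecodable stream is itself worth reporting
        elif method == 0:         # stored: payload length is the compressed size
            actual = csize
        else:
            continue              # other methods are outside this sketch
        if usize != actual or l_usize != actual:
            findings.append((name, usize, l_usize, actual))
    return findings

def build_samples():
    """Constructed test inputs: a normal archive, and a copy whose declared
    uncompressed size is zeroed in both the local and central headers."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("a.txt", b"A" * 4096)
    clean = buf.getvalue()
    cd = struct.unpack_from("<I", clean, clean.rfind(b"PK\x05\x06") + 16)[0]
    forged = bytearray(clean)
    forged[22:26] = forged[cd + 24:cd + 28] = b"\0" * 4
    return clean, bytes(forged)

if __name__ == "__main__":
    for label, blob in zip(("clean", "forged"), build_samples()):
        print(label, audit_zip(blob))
```

A member that reaches `MAX_OUT` is reported with that capped value, so a finding at exactly the cap means "at least this large" rather than an exact size.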