[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.

To: full-disclosure@xxxxxxxxxxxxxxxxx, vuln@xxxxxxxxxxx
Subject: Re: [Full-disclosure] Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.
From: bipin gautam <visitbipin@xxxxxxxxx>
Date: Thu, 10 Mar 2005 03:00:18 -0800 (PST)

--- Frederic Charpentier <fcharpen@xxxxxxxxxxxxxxxx>
wrote:
> Hi, I saw this behaviour last week with the virus
> "MyDoom.BE".
> I use the mail gateway with Clamav/Amavis. Clamav
> doesn't detect the 
> virus embeded in the zip file (with a crc broken).
> But, Trendmicro detects it.

That's strange, though i admit... i've shared this
info with very few* trusted security researchers,
since past few months..... though i it find VERY HARD
to believe some, who had access to this info since
past few month were involved in creating, "MyDoom.BE" 
    (O;

bipin 

__________________________________ 
Do you Yahoo!? 
Read only the mail you want - Yahoo! Mail SpamGuard. 
http://promotions.yahoo.com/new_mail 
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

Follow-Ups:
- RE: [Full-disclosure] Multiple AV Vendor Incorrect CRC32 BypassVulnerability.
  - From: Randall M

Prev by Date: Re: [Full-disclosure] Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.
Next by Date: Re: [Full-disclosure] Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.
Previous by thread: Re: [Full-disclosure] Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.
Next by thread: RE: [Full-disclosure] Multiple AV Vendor Incorrect CRC32 BypassVulnerability.
Index(es):
- Date
- Thread