[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.

To: visitbipin@xxxxxxxxx
Subject: [Full-disclosure] Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.
From: "Lise Moorveld" <lise_moorveld@xxxxxxxxxxx>
Date: Fri, 11 Mar 2005 11:46:16 +0100

Hi,

Well, technically these would be separate vulnerabilities, wouldn't you say? Could you perhaps share a bit more information about which headers work well in circumventing which AV products?

-- Lise

get the new updates at,
http://www.geocities.com/visitbipin/crc.html
strangely, after modifying other general purpose bit flag in the zip header like,compression method,last mod file time,last mod file date,file name length,extra field length... [NOT: compressed size, uncompressed size which was pointed out by iDEFENSE before]

strangely i found some other AV pron to the BUG.


_________________________________________________________________
Talk with your online friends with MSN Messenger http://messenger.msn.nl/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

Prev by Date: [Full-disclosure] Multiple AV Vendor Incorrect CRC32 BypassVulnerability.
Next by Date: [Full-disclosure] Multiple AV Vendor Incorrect CRC32 BypassVulnerability.
Previous by thread: [Full-disclosure] [OFFTOPIC] I don't know if anyone has noticed...
Next by thread: [Full-disclosure] Re: Multiple AV Vendor Incorrect CRC32 Bypass Vulnerability.
Index(es):
- Date
- Thread