[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning

To: "bugtraq@xxxxxxxxxxxxxxxxxxxxxxxx"@securityfocus.com, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning
From: Thierry Zoller <Thierry@xxxxxxxxxxxx>
Date: Tue, 15 Mar 2005 22:45:50 +0100

Addendum to my last Post :
Credit where Credit is due. List generated with help of 
http://virusscan.jotti.org/
If you are an AV vendor pelase donate a license to this website. Thanks.

-- 
Thierry Zoller
http://www.sniff-em.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://www.secunia.com/

References:
- [Full-disclosure] Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning
  - From: Dr. Peter Bieringer
- [Full-disclosure] Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning
  - From: Michael J. Pomraning
- [Full-disclosure] Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning
  - From: Dr. Peter Bieringer
- [Full-disclosure] Re: Unfiltered escape sequences in filenames contained in ZIP archives wouldn't be escaped on displaying or logging, and can also lead to bypass AV scanning
  - From: Thierry Zoller