OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: andy (andyselekta.com)
Date: Thu Feb 07 2002 - 08:53:47 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Trend OfficeScan Corporate Edition
    Program Version: 3.54
    VSApiNT Version: 5.630-1025
    TMFilter Version: 5.630.0.1004
    Virus Pattern File #: 220

    Tested vulnerable to deeply nested directories.

    Payload used: netbus.zip

    Full directory path: C:\temp\1234567890\1234567890\1234567890
    \1234567890\1234567890\1234567890\1234567890\1234567890\1234567890
    \1234567890\1234567890\1234567890\1234567890\1234567890\1234567890
    \1234567890\1234567890\1234567890\1234567890\1234567890
    \123456789012345678\

    When the same file was saved to c:\temp, Officescan picked it up
    right away.

    Andy Nowakowski

    >No, Mcafee 4.5.1 (scan engine 4.1.60, DAT 4.0.4184) is not
    vulnberable. Both
    >realtime scan, and manual scan worked on the deeply nested
    directories.
    >
    >-----Original Message-----
    >From: Fleming, Diane [mailto:dflemingfnni.com]
    >Sent: Tuesday, 5 February 2002 11:50
    >To: 'fhrcs.urz.tu-dresden.de'; bugtraqsecurityfocus.com;
    >hans.somershccnet.nl
    >Subject: RE: Long path exploit on NTFS
    >
    >
    >Any information as to whether or not McAfee Virus Scan 4.x has
    this
    >vulnerability?
    >
    >-----Original Message-----
    >From: Frank Heyne [mailto:fhrcs.urz.tu-dresden.de]
    >Sent: Monday, February 04, 2002 1:15 PM
    >To: bugtraqsecurityfocus.com; hans.somershccnet.nl
    >Subject: Re: Long path exploit on NTFS
    >
    >
    >On 4 Feb 2002, at 10:26, Hans Somers wrote:
    >
    >> Not Vunerable:
    >> --------------
    >> *1
    >> Sophos Anti-Virus v3.53
    >
    >This is not true.
    >
    >According to my own tests, Sophos Anti-Virus v3.53
    >is unable to find virii in deeply nested NTFS subdirectories on
    NT 4.
    >
    >
    >
    >Frank Heyne
    >
    >
    >
    >
    >==================================================================
    >De informatie opgenomen in dit bericht kan vertrouwelijk zijn en
    >is uitsluitend bestemd voor de geadresseerde. Indien u dit
    bericht
    >onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken
    en
    >de afzender direct te informeren door het bericht te retourneren.
    >==================================================================
    >The information contained in this message may be confidential
    >and is intended to be exclusively for the addressee. Should you
    >receive this message unintentionally, please do not use the
    contents
    >herein and notify the sender immediately by return e-mail.
    >
    >
    >==================================================================
    >
    >
     

    ________________________________________________________________
    selekta.com