|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-Disclosure] [ GLSA 200501-46 ] ClamAV: Multiple issues
From: Trog (trog
uncon.org)
Date: Tue Feb 01 2005 - 17:16:17 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 2005-02-01 at 14:41 -0800, Dack wrote:
> > > By sending a base64 encoded image file in a URL an attacker could evade
> > > virus scanning.
> > It's somewhat harsh to single out ClamAV for this issue. AFAICT, the
> > only two virus scanners that do currently protect against this are
>
> What mail clients, if any, would execute a virus encoded in this manner?
> Is this a gaping hole in other mail anti-virus systems, or do most
> clients just ignore this kind of data?
I really haven't tested mail clients, but Thunderbird would be the most
likely.
-trog
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQBCAA3A9PDUb2r4PKMRAn75AJ0QTebSCx2UmlssAOhx4a3oTvB3lACbBBC+
aeaMg9HVVPl9FSJ+DMAaY0g=
=V4yb
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]