 | ||||||
| << Previous | INDEX | Search | src | Set bookmark | Go to bookmark | Next >> |
| ||||||
| |||||||||||||||||||||
Date: Wed, 30 Jan 2002 17:40:53 +0100
From: Remko Catersels <Remko.Catersels@asr.nl>
To: hans.somers@nl.abnamro.com
Subject: Betr.: Long path exploit on NTFS
Cc: bugtraq@securityfocus.com
> Long path exploit on NTFS
> =====================
> The filesystem NTFS seems to be a hiding place for virusses if you use a
file path which
> exceeds 256 charaters.
McAfee Virusscan V4.5.1 running on NT4.0 SP6a seems vulnerable to the same
trick.
Virusscan found eicar1 but not eicar2. Worst thing is, it just silently
stopped (no error it couldn't go 'deeper') and claimed there where no more
infected items.
--
Remko Catersels Remko.Catersels@asr.nl
Security Specialist (BOFH) A.S.R. Verzekeringsgroep N.V.
CC WHILS +31 - (0)10 - 401 3273
Security isn't easy, nor is it something that you can bolt onto a product
after the fact.
-- Bruce Schneider.
***********************DISCLAIMER***********************
Deze e-mail is uitsluitend bestemd voor de geadresseerde(n).
Verstrekking aan en gebruik door anderen is niet toegestaan.
AMEV Stad Rotterdam Verzekeringsgroep (ASR) N.V. sluit
iedere aansprakelijkheid uit die voortvloeit uit
elektronische verzending.
This e-mail is intended exclusively for the addressee(s),
and may not be passed on to, or made available for use
by any person other than the addressee(s).
AMEV Stad Rotterdam Verzekeringsgroep (ASR) N.V.
rules out any and every liability resulting from any
electronic transmission.
********************************************************
| |||||||||||||||||||||