[21515] in bugtraq
McAfee ASaP Virusscan - myCIO HTTP Server Directory Traversal Vulnerability
daemon@ATHENA.MIT.EDU (ade245@hushmail.com)
Mon Jul 16 00:39:44 2001
From: ade245@hushmail.com
Message-Id: <200107141530.IAA20875@user5.hushmail.com>
Date: Sat, 14 Jul 2001 16:15:17 +0000 (GMT+01:00)
To: bugtraq@securityfocus.com
Hi all,
To follow up on my initial post. I have had a few people contact me off
list asking for more details as to how "Rumour" technology works and asking
if the virus definitions are digitally signed to prevent the upload
of bogus definitions. To the best of my knowledge they are signed.
FYI
http://news.zdnet.co.uk/story/0,,s2082390,00.html
"Rumor, the technology announced last week by MyCIO.com, uses a more sociological
analogy -- the passing of a juicy rumour between friends -- to deliver definitions
by the currently vogue method of peer-to-peer networking."
http://www.slashdot.org/articles/00/10/24/157257.shtml
"ZDNet is reporting on two products that are based off the peer-to-peer
sharing idea that Napster made popular to release two useful tools to the
community. First, "Rumor" is a p2p program that helps to spread the updates
to virus protections programs by having each client on an intranet act as
a p2p node, reducing the load on servers and speeding the distribution of
the update."
Cheers,
Ade
PS Some things I failed to mention in my initial advisory: People can copy
files to the \winnt\mycio\agent\rmrcache and happily share them with their
work colleagues. Also the uploading of files to the integrated web server
is thankfully stymied by the fact that the server seems to only support
the HTTP GET method.