[35435] in bugtraq
Re: Virus scan attack
daemon@ATHENA.MIT.EDU (Victor Julien)
Tue Jun 22 19:18:00 2004
From: Victor Julien <victor@nk.nl>
To: bugtraq@securityfocus.com
Date: Tue, 22 Jun 2004 14:14:44 +0200
In-Reply-To: <40D44D15.1080306@dpi.inpe.br>
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <200406221414.44806.victor@nk.nl>
Hi,
We had the same problem with mcafee for linux. Upgrading the scanengine to
4.2.30 solved the problem. We still used an old (and unsupported) version.
See: ftp://ftp.nai.com/pub/ for a new version of the scanengine.
Regards,
Victor Julien
On Saturday 19 June 2004 16:26, Joao B. Diehl wrote:
> We had this same problem with the DAT 4367. Returning to
> DAT 4366 it worked again.
>
> Nate Nord wrote:
> > Just wondering if anyone else has seen this come through their mail
> > portal. Something has caused our McAfee Webshield SMTP to seriously eat
> > processor time... to the point that it will no longer forward scanned
> > mail. I've had to temporarily bypass it until I figure out what it's
> > choking on. I saw several other posts that said this sent processors
> > into some kind of loop and this is exactly what appears to be happening
> > with our portal.
> >
> >
> > ] -----Original Message-----
> > ] From: Bipin Gautam [mailto:visitbipin@hotmail.com]
> > ] Sent: Sunday, June 13, 2004 7:33 AM
> > ] To: bugtraq@securityfocus.com
> > ] Subject: Antivirus/Trojan/Spyware scanners DoS!
> > ]
> > ]
> > ]
> > ] Hello everybody,
> > ]
> > ]
> > ]
> > ] I doubt how many Antivirus/Trojan/Spyware scanners will choak
> > ] to death while having a "manual scan" of this file. Please go
> > ] ahead and give it a try.
> > ]
> > ]
> > ]
> > ] http://www.geocities.com/visitbipin/SERVER_dwn.zip
> > ]
> > ]
> > ]
> > ] I was woundering, what would be the results if such file gets
> > ] stucked in an "AV gateway" (O;
> > ]
> > ]
> > ]
> > ] please, report your findings..... I have already been
> > ] bombarded with strange reports.
> > ]
> > ]
> > ]
> > ] regards,
> > ]
> > ]
> > ]
> > ] Bipin Gautam
> > ]
> > ] http://www.geocities.com/visitbipin/
