[Mimedefang] quick heads up: tampered zip passes viruscheck
Mark
admin at asarian-host.net
Fri Oct 22 05:50:45 EDT 2004
Matthew.van.Eerde at hbinc.com wrote:
> -----Original Message-----
> From: Jan Pieter Cornet [mailto:johnpc at xs4all.nl]
> This came by on the clamav mailinglist, and it went straight through
> both of my virus scanners built into mimedefang:
>
> http://www.xs4all.nl/~johnpc/eicar-hidden2.zip
>
> It's a tampered .zip file which includes a copy of EICAR. You might
> want to test how your virus scanners handle it. At least "zip" from
> InfoZip unpacks it, albeit with a warning, producing a "real"
> virus (EICAR).
Hmm, Kaspersky Lab. AntiVirus 3.0 (for FreeBSD) does not detect it either.
:( And Zip 2.3 (also for FreeBSD) unpacks to eicar.com without even so much
as an error.
- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
More information about the MIMEDefang
mailing list