[Mimedefang] Re: jpg exploit

Kevin A. McGrail kmcgrail at pccc.com
Tue Sep 28 08:10:56 EDT 2004


I am using scan engine 4.3.20 with Virus Scan for Linux v4.32.0 with Virus
data file v4394.

I show that the following works fine:

uvscan --secure --mime --allole --noboot virus-jpeg.zip
/root/virus-jpeg.zip/POSSIBLEVIRUS.JPG
        Found the Exploit-MS04-028 Trojan !!!

I think you just need to install the latest Linux engine.  4.3.2 came out in
December 2003 I believe.

Regards,
KAM


----- Original Message ----- 
From: "Lucas Albers" <admin at cs.montana.edu>
To: <mimedefang at lists.roaringpenguin.com>
Cc: <virus_research at avertlabs.com>
Sent: Tuesday, September 28, 2004 2:53 AM
Subject: [Mimedefang] Re: jpg exploit


> correction linux engine:
> Scan engine v4.2.40 for Linux.
>
> Lucas Albers said:
> > Appears this jpg exploit is detected on windows mcafee 7.1 scanner
running
> > 4394.
> > It is not detected on a linux server running with the 4.3.20 engine and
> > 4394 dat.
> > Run with these switches on the linux scanner:
> > uvscan --secure --mime --allole



More information about the MIMEDefang mailing list