[Mimedefang] Re: jpg exploit

Stephane Lentz Stephane.Lentz at ansf.alcatel.fr
Tue Sep 28 05:15:27 EDT 2004


On Tue, Sep 28, 2004 at 12:53:41AM -0600, Lucas Albers wrote:
> correction linux engine:
> Scan engine v4.2.40 for Linux.
> 
> Lucas Albers said:
> > Appears this jpg exploit is detected on windows mcafee 7.1 scanner running
> > 4394.
> > It is not detected on a linux server running with the 4.3.20 engine and
> > 4394 dat.
> > Run with these switches on the linux scanner:
> > uvscan --secure --mime --allole
> >
> > Virus information here:
> > http://it.slashdot.org/it/04/09/27/2319222.shtml?tid=172&tid=218
> >
> > bdc currently detects it as a virus.
> >
> >
> > --
The zip in 
http://lists.netsys.com/pipermail/full-disclosure/2004-September/026950.html
is detected by Kaspersky, Trend, Bitdefender (virus names mention
MS04-028) 

I've submitted the post to the ClamAv folks as it is not yet detected by
ClamAV. 
---
Stephane Lentz 
AES TSC



More information about the MIMEDefang mailing list