[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: eSafe: Could this be exploited?

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: eSafe: Could this be exploited?
From: Kev Ford <kev@xxxxxxxxxx>
Date: Wed, 28 Jul 2004 10:30:35 +0100

On 26 Jul 2004, at 21:26, Hugo van der Kooij wrote:

If someone is able to create a test executable based on the EICAR string the point might be proven. Unfortunatly I am not a programmer and lack window compiler tools all together. But if someone thinks (s)he can create a sample binary that may run when the last bit is shot to pieces and still contain a valid EICAR definition to show to the screen the issue might be proven.

Just an idle thought, but what about scripting? Would it be possible to get some simple scripts through simply by making a large portion of the end of the message useless comment fields? Maybe even a worm that rewrites this 'noise' every time to make a moving target?

Follow-Ups:
- Re: eSafe: Could this be exploited?
  - From: Nick FitzGerald

References:
- eSafe: Could this be exploited?
  - From: Hugo van der Kooij
- Re: eSafe: Could this be exploited?
  - From: 3APA3A
- Re: eSafe: Could this be exploited?
  - From: MegaHz
- Re: eSafe: Could this be exploited?
  - From: Hugo van der Kooij

Prev by Date: Pavuk Digest Authentication Buffer Overflow
Next by Date: MDKSA-2004:074 - Updated webmin packages correct remote attacker vulnerabilities
Previous by thread: Re: eSafe: Could this be exploited?
Next by thread: Re: eSafe: Could this be exploited?
Index(es):
- Date
- Thread