Trend OfficeScan Corporate Edition Program Version: 3.54 VSApiNT Version: 5.630-1025 TMFilter Version: 5.630.0.1004 Virus Pattern File #: 220 Tested vulnerable to deeply nested directories. Payload used: netbus.zip Full directory path: C:\temp\1234567890\1234567890\1234567890 \1234567890\1234567890\1234567890\1234567890\1234567890\1234567890 \1234567890\1234567890\1234567890\1234567890\1234567890\1234567890 \1234567890\1234567890\1234567890\1234567890\1234567890 \123456789012345678\ When the same file was saved to c:\temp, Officescan picked it up right away. Andy Nowakowski >No, Mcafee 4.5.1 (scan engine 4.1.60, DAT 4.0.4184) is not vulnberable. Both >realtime scan, and manual scan worked on the deeply nested directories. > >-----Original Message----- >From: Fleming, Diane [mailto:dfleming@fnni.com] >Sent: Tuesday, 5 February 2002 11:50 >To: 'fh@rcs.urz.tu-dresden.de'; bugtraq@securityfocus.com; >hans.somers@hccnet.nl >Subject: RE: Long path exploit on NTFS > > >Any information as to whether or not McAfee Virus Scan 4.x has this >vulnerability? > >-----Original Message----- >From: Frank Heyne [mailto:fh@rcs.urz.tu-dresden.de] >Sent: Monday, February 04, 2002 1:15 PM >To: bugtraq@securityfocus.com; hans.somers@hccnet.nl >Subject: Re: Long path exploit on NTFS > > >On 4 Feb 2002, at 10:26, Hans Somers wrote: > >> Not Vunerable: >> -------------- >> *1 >> Sophos Anti-Virus v3.53 > >This is not true. > >According to my own tests, Sophos Anti-Virus v3.53 >is unable to find virii in deeply nested NTFS subdirectories on NT 4. > > > >Frank Heyne > > > > >================================================================== >De informatie opgenomen in dit bericht kan vertrouwelijk zijn en >is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht >onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en >de afzender direct te informeren door het bericht te retourneren. >================================================================== >The information contained in this message may be confidential >and is intended to be exclusively for the addressee. Should you >receive this message unintentionally, please do not use the contents >herein and notify the sender immediately by return e-mail. > > >================================================================== > > ________________________________________________________________ selekta.com
