"Eduardo R. Maciel" <maciel@inetd.com.br> writes: > ----------------------------------- > -----[ SECURITY ANNOUNCEMENT ]----- > ----------------------------------- > iNetd Security Research Annoucement > > ... > > An antivirus mailscanner should check the filesizes inside a > compressed file like .tar.gz, .zip, .bz2, etc, BEFORE open the file > for scanning. > > All the products that doesn't do that checking are vulnerable to a > Denial Of Service attack. That is a long known issue and was described in more depth several times in several ML/news in relation with i.e. http://www.fefe.de/antivirus/42.zip http://groups.google.com/groups?q=42.zip+antivirus returns 27 (!) threads about this issue... So IMO this so called "announcement" is really no topic here. Martin
