Guardian Digital BugTraq Mailing List Archive

....

Guardian Digital Inc. > InfoCenter > Mailing List Archives > BugTraq

BugTraq Mailing List Archive

About this list	Date view	Thread view	Subject view	Author view	Attachment view

From: Dan Margolis (krispykringle@gentoo.org)
Date: Mon Dec 13 2004 - 21:45:36 EST

Next message: Paul Laudanski: "phpBB Attachment Mod Directory Traversal HTTP POST Injection"
Previous message: Paul Starzetz: "Linux kernel scm_send local DoS"

If an attacker can spoof the signature file download site, he can
potentially do quite a bit worse than this (in that he can deny the
usability of the antivirus engine at all by providing a bogus
signature file). I'd think that some form of cryptography would be in
use to prevent this (either SSL or signing of the archives
themselves). Am I mistaken?

(Caveat being that I don't use any anti-virus products of this nature,
so I really don't know.)

On Thu, Nov 04, 2004 at 03:56:02PM -0800, vuln@hexview.com wrote:
> After downloading ZIP archive off the website (either legitimate
> Symantec website or a spoofed one controlled by attacker)

-- 
Dan

Next message: Paul Laudanski: "phpBB Attachment Mod Directory Traversal HTTP POST Injection"
Previous message: Paul Starzetz: "Linux kernel scm_send local DoS"

About this list	Date view	Thread view	Subject view	Author view	Attachment view

[ About Guardian Digital ] - [ Press Center ] - [ Contact Us ] - [ System Activation ] - [ Reseller Info ] - [ Online Store ] - [ Site Map ]
Copyright (c) 2000 - 2004 Guardian Digital, Inc. Linux Lockbox and EnGarde are Trademarks of Guardian Digital, Inc.