|
|
Incidents
Possible Mail server compromise ? Feb 04 2008 06:28PM Faas M. Mathiasen (faas m mathiasen googlemail com) (3 replies) Re: Possible Mail server compromise ? Feb 12 2008 11:41PM Faas M. Mathiasen (faas m mathiasen googlemail com) (3 replies) Re: Possible Mail server compromise ? Feb 18 2008 07:19PM Faas M. Mathiasen (faas m mathiasen googlemail com) (2 replies) Re: Possible Mail server compromise ? Feb 20 2008 02:43AM Eduardo Tongson (propolice gmail com) (1 replies) Re: Possible Mail server compromise ? Feb 20 2008 07:33PM Faas M. Mathiasen (faas m mathiasen googlemail com) (1 replies) Re: Possible Mail server compromise ? Feb 19 2008 05:35PM Bob Toxen (vger verysecurelinux com) (2 replies) Re: Possible Mail server compromise ? Feb 20 2008 02:14AM Jon Oberheide (jon oberheide org) (1 replies) Re: Possible Mail server compromise ? Feb 20 2008 05:11PM Valdis Kletnieks vt edu (1 replies) Re: Possible Mail server compromise ? Feb 20 2008 07:25PM Faas M. Mathiasen (faas m mathiasen googlemail com) (1 replies) Re: Possible Mail server compromise ? Feb 20 2008 11:07PM Peter Kosinar (goober ksp sk) (1 replies) Re: Possible Mail server compromise ? Feb 21 2008 10:49AM Faas M. Mathiasen (faas m mathiasen googlemail com) (1 replies) RE: Possible Mail server compromise ? Feb 22 2008 12:38AM Richard C Lewis (chad mr-lew com) (1 replies) Re: Possible Mail server compromise ? Feb 26 2008 04:19PM Faas M. Mathiasen (faas m mathiasen googlemail com) Re: Possible Mail server compromise ? Feb 19 2008 06:46PM Faas M. Mathiasen (faas m mathiasen googlemail com) (3 replies) Re: Possible Mail server compromise ? Feb 20 2008 02:48PM Eygene Ryabinkin (rea-sec codelabs ru) (2 replies) Re: Possible Mail server compromise ? Feb 20 2008 10:59PM Valdis Kletnieks vt edu (1 replies) Re: Possible Mail server compromise ? Feb 21 2008 10:31AM Faas M. Mathiasen (faas m mathiasen googlemail com) (1 replies) Re: Possible Mail server compromise ? Feb 20 2008 07:10PM Faas M. Mathiasen (faas m mathiasen googlemail com) Re: Possible Mail server compromise ? Feb 20 2008 07:05AM Bob Toxen (vger VerySecureLinux com) (1 replies) Re: Possible Mail server compromise ? Feb 04 2008 07:05PM Jon R. Kibler (Jon Kibler aset com) (1 replies) Re: Possible Mail server compromise ? Feb 04 2008 09:39PM Tony Maupin (tony themaupins com) (1 replies) Re: Possible Mail server compromise ? Feb 04 2008 09:57PM Faas M. Mathiasen (faas m mathiasen googlemail com) (1 replies) |
|
Privacy Statement |
I don't want to start a flame war, let's keep the information relevant
and on topic, as such I'd like
to comment on things relevant to the general public, everything else
is private mail. :) ok?
> It goes without saying that patching does not protect against zero day
> exploits.
:)
> I don't understand what you are saying. I am assuming that the nruns.com
> product is scanning for viruses in email.
Hmm, I am not sure you (or I) got it right, but apparently they don't parse
the data. So basically if they don't parse it they are a lot less vulnerable
to remote attacks, agree?
> Thus, the data (the email)
> can be manipulated by the attacker.
See above, as I understand it, there is no parsing involved a part
from your normal FROM etc headers.
Attachments that normally contain the payloads (read lots of formats)
are usually
> "No-Parsing paradigma"? Paradigma isn't even a word (according to
> www.merriam-webster.com).
You are referring to a typo instead of commenting on my concern, lets
keep the mails relevant
for the general public, if your comment was sincere : you should
lookup "paradigm"
> Our product (and to various degrees others, such as raw ClamAV) also run
> in a "sealed" environment such as a separate UID, chroot'ed, etc.
I beg to differ, chroot is by no means a "sealed" environment. There
are lots of ways to break out of it...
> No, ClamAV would not be vulnerable to this ...
What I posted here was an exploit against Clamav
http://milw0rm.com/exploits/4761
Regards,
Faas.M.Mathiasen
[ reply ]