Focus on Linux
Re: Re: Begs a question: AV in Linux (correction) Feb 05 2006 03:59AM
blahblah hotmail com (3 replies)
Re: Begs a question: AV in Linux (correction) Feb 06 2006 08:26PM
lucien Fransman (lucien fransman irc2 nl)
Re: Re: Begs a question: AV in Linux (correction) Feb 06 2006 07:00PM
Eric Rostetter (rostetter mail utexas edu) (1 replies)
Re: Begs a question: AV in Linux (correction) Feb 07 2006 11:21PM
Alan McKinnon (alan linuxholdings co za)
Re: Re: Begs a question: AV in Linux (correction) Feb 06 2006 06:11PM
Antoine Martin (antoine nagafix co uk)
> Is a little misleading:
> wine - Just because a windows exploit exists in windows, does not mean it exists in wine.
>For example - if windows has a buffer exploit somewhere in its dlls,
True for buffer overflows.

>that does not mean it will exist in wine (and vice-versa). This is
>because the wine team is re-implementing the windows API without
>looking at the windows code, and the implementations will differ.
The code will differ but the interface won't (or shouldn't) and if the
virus uses that interface to get its hooks, it will still work:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106
"the same vulnerability as CVE-2005-4560 but in a different codebase."

>Not correct in the least - openoffice can't run word macros (although
>you can chose to preserve them).
I think the point was about the potential danger of macros in general
and the fact that an AV will spot them quite easily.

Antoine

[ reply ]
 

Privacy Statement
Copyright 2010, SecurityFocus