Changes : [TZO-17-2009]Trendmicro multiple bypass/evasions May 09 2009 10:24AM
Thierry Zoller (Thierry Zoller lu)

UPDATE : Trendmicro RAR / CAB bypass evasion

CHANGES to original advisory [TZO-172009] Trendmicro :

Status : RAR / CAB issue WILL be patched on June 17

Quoting vendor :
"This vulnerability is capable of allowing attackers to send RAR files
with corrupted RAR headers through our gateway products, which bypass
the compressed files without scanning them."

This just goes to proove that publishing changes perception, as
customers read, react and complain. (Trend previously denied
patching). In other words, always publish even if the vendor denies

In the name of all TrendMicro customers I would like to thank those
customers that reacted and complained. Wihtout publication there is no
change, without those reacting to advisories there is neither.

Prooves #2 and #5 at http://blog.zoller.lu/2009/04/dear-thierry-why-are-you-such-arrogant.htm
to be valid.

Thierry Zoller

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus