what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 4 of 4

Files from Dr. Peter Bieringer

kavLocalRoot.txt

Posted Aug 13, 2005

Authored by Dr. Peter Bieringer

Due to the logs directory being 777 by default, Kaspersky AntiVirus 5.5 is susceptible to a local root exploit via a symlink attack. Details are provided.

tags | exploit, local, root

SHA-256 | 4221d11c999895f3600e0c16961946b2c0424f23876f1d8b87d18a563fb9fbfa

Download | Favorite | View

Perl-Net-Server-log.txt

Posted Apr 24, 2005

Authored by Dr. Peter Bieringer | Site aerasec.de

The log function in Perl's Net::Server module (used by postgrey, among other tools) is vulnerable to format string attacks. However, it is not clear what the exact impact of this is in a Perl environment.

tags | advisory, perl

SHA-256 | 778555738d428bd2a4087fa2b5c8d98b4df893c1bcdcc2f5c4e68e53bd7634fa

Download | Favorite | View

symantecAV.txt

Posted Feb 16, 2004

Authored by Dr. Peter Bieringer

The Symantec AntiVirus Scan Engine for Linux has a possible race condition via a symlink attack in /tmp.

tags | advisory

systems | linux

SHA-256 | 7603b97a86063ada3a6bbaacd9422e0f4212735f47d6515ab0e95f25df4ccb24

Download | Favorite | View

decompression-bomb-vulnerability.html

Posted Feb 3, 2004

Authored by Dr. Peter Bieringer | Site aerasec.de

Research on the various reactions of anti-virus software against decompression bombs. Has a thorough comparison chart and is definately a good read.

tags | paper, virus

SHA-256 | 960bc488f2320ff76aabcaee668318043ab11705ecc667a76e5cb089b8ab5799

Download | Favorite | View