Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15329
HistoryDec 08, 2006 - 12:00 a.m.

Re: Multiple Vendor Unusual MIME Encoding Content Filter Bypass

2006-12-0800:00:00
vulners.com
5
JSON

On Thu, 7 Dec 2006 22:00:31 +0300
3APA3A <[email protected]> wrote:

> Dear Tomasz Kojm,
>
> TK> That's extremely irresponsible to disclose bugs without giving the
> TK> vendors any chance to fix them and prepare new software releases.
>
> This is a rare case I can not agree with such statement.
>
> Ability to bypass content filter is not a bug before this issues is
> used in-the-wild, like ability to write undetectable virus is not a bug
> in antivirus. It may be simply impossible to find all vendors and wait
> for all fixes.

I pretty much agree here, however I was particularly talking about the DoS
in ClamAV and not the MIME issue which can be fixed with a one-line patch.


oo … Tomasz Kojm <[email protected]>
(\/)\… http://www.ClamAV.net/gpg/tkojm.gpg
\…_ 0DCA5A08407D5288279DB43454822DC8985A444B
//\ /\ Thu Dec 7 20:26:03 CET 2006

JSON