Re: [Declude.Virus] Invalid Zip Vulnerability

No name, just the extenesion?John T eServices For You -Original Message- From: Andy Schmidt [EMAIL PROTECTED] Sent 3/3/2008 9:30:59 AM To: [EMAIL PROTECTED] Cc: declude.virus@declude.com Subject: [Declude.Virus] Invalid Zip VulnerabilityHi, I checked your KB – and it doesn’t document that

RE: [Declude.Virus] Invalid Zip Vulnerability

Of John T Sent: Thursday, March 06, 2008 10:54 AM To: declude.virus@declude.com Subject: Re: [Declude.Virus] Invalid Zip Vulnerability No name, just the extenesion? John T eServices For You -Original Message- From: Andy Schmidt [EMAIL PROTECTED] Sent 3/3/2008 9:30:59 AM To: [EMAIL

re: [Declude.Virus] [Invalid ZIP Vulnerability]

Not too sure you'd want to turn that off. We've been getting hit by a wave of messages the last two days, all with the same vulnerability. I've been too busy to spend any time looking at the payload...but if they're not viruses they are definitely spam. I'm catching about 40 per hour, widely

Re: [Declude.Virus] [Invalid ZIP Vulnerability]

, and include a link to a script to requeue the message for delivery. Darin. - Original Message - From: Shayne Embry [EMAIL PROTECTED] To: declude.virus@declude.com Sent: Tuesday, July 31, 2007 5:09 PM Subject: re: [Declude.Virus] [Invalid ZIP Vulnerability] Not too sure you'd want

Re: [Declude.Virus] [Invalid ZIP Vulnerability]

They are neither virus or spam but legit email. Shayne Embry wrote: Not too sure you'd want to turn that off. We've been getting hit by a wave of messages the last two days, all with the same vulnerability. I've been too busy to spend any time looking at the payload...but if they're not

Re: [Declude.Virus] [Invalid ZIP Vulnerability]

: Tuesday, July 31, 2007 4:23 PM To: declude.virus@declude.com Subject: Re: [Declude.Virus] [Invalid ZIP Vulnerability] We got slammed with them today as well. It caught a bunch that made it past spam filtering (we run AVAFTERJM ON). So I'd second that recommendation to NOT turn it off. If you're

Re: [Declude.Virus] [Invalid ZIP Vulnerability]

The point is you may let some not-yet-detected viruses through, but in any case you can do that with a switch in the virus.cfg. Darin. - Original Message - From: Heimir Eidskrem To: declude.virus@declude.com Sent: Tuesday, July 31, 2007 6:23 PM Subject: Re: [Declude.Virus] [Invalid

RE: [Declude.Virus] [Invalid ZIP Vulnerability]

: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darin Cox Sent: Tuesday, July 31, 2007 5:34 PM To: declude.virus@declude.com Subject: Re: [Declude.Virus] [Invalid ZIP Vulnerability] We use this vulnerability.eml -- Begin vulnerability.eml

Re: [Declude.Virus] [Invalid ZIP Vulnerability]

-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darin Cox Sent: Tuesday, July 31, 2007 5:34 PM To: declude.virus@declude.com Subject: Re: [Declude.Virus] [Invalid ZIP Vulnerability] We use this vulnerability.eml

RE: [Declude.Virus] [Invalid ZIP Vulnerability]

, or is this specific to which scanner(s) I am using? Thanks Jared -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darin Cox Sent: Tuesday, July 31, 2007 6:40 PM To: declude.virus@declude.com Subject: Re: [Declude.Virus] [Invalid ZIP Vulnerability] Yep. You can use

Re: [Declude.Virus] Invalid ZIP Vulnerability

I've seen it here rarely also. Not positive here but here is a theory: The zip file may gave been created on a Mac and contain some Mac specific size 0 files? - Original Message - From: Paul Navarre [EMAIL PROTECTED] To: Declude.Virus@declude.com Sent: Friday, May 27, 2005 12:54 AM

Re: [Declude.Virus] Invalid ZIP Vulnerability

This vulnerability is triggered if the file format diverges from the official ZIP format specification. David Franco-Rocha Declude Technical Support - Original Message - From: Paul Navarre [EMAIL PROTECTED] To: Declude.Virus@declude.com Sent: Friday, May 27, 2005 1:54 AM Subject: