skip to main | skip to sidebar

Secdev - Thierry Zoller

Where facts are few, experts are many.

Navigation

Home | Profile/Research | Advisories | Flickr | Contact | RSS | E-mail alert

hack lu 2009

Advisories - FPROT,Clamav

Subscribe to the RSS feed in case you are interested in updates


  • [TZO-33-2009] FPROT generic bypass (TAR)
  • [TZO-40-2009] Clamav generic bypass (RAR,ZIP,CAB)
  • [TZO-34-2009] FPROT generic bypass (RAR,LHA,ARJ)
  • [TZO-43-2009] Clamav generic bypass (CAB)


Digg Technorati Delicious StumbleUpon Reddit Facebook Google Bookmark
at Tuesday, June 16, 2009

0 comments:

Post a Comment

Newer Post Older Post Home

About Me

My Photo
Thierry Zoller
Luxembourg
This is my personal "Blog", security research, comments and anything I regard as newsworthy.

Quicklinks
▪ Responsible vulnerability disclosure policy
▪ About me / Profile
▪ Contact

The views and opinions expressed on this blog are my personal views and are not intended to reflect the views of my employer or any other entity.
View my complete profile

Blog Archive

  • ►  2010 (3)
    • ►  Mar 2010 (1)
      • Videos of IDF Nominees in "Excellence in Visual Ar...
    • ►  Feb 2010 (2)
      • New Paper: SSL/TLS Hardening and Compatibility rep...
      • SSL/TLS Audit - New tool
  • ▼  2009 (80)
    • ►  Nov 2009 (2)
      • TLS / SSLv3 renegotiation vulnerability explained ...
      • New SSLv3 / TLS vulnerability - MITM attacks poss...
    • ►  Oct 2009 (1)
      • Computer Associates multiple products - RCE
    • ►  Sep 2009 (3)
      • Derren Brown guessed the lottery numbers - afterwa...
      • You get what you pay for
      • IIS 5&6 FTP vulnerability - information and tools ...
    • ►  Jul 2009 (3)
      • New advances in Office malware analysis
      • Advisory : One bug to rule them all - Firefox, IE...
      • 0pen0wn.c - Shellcode "dissasembled"
    • ▼  Jun 2009 (2)
      • Advisories - FPROT,Clamav
      • Advisories: Apple, F-prot, Norman,Ikarus, Kaspers...
    • ►  May 2009 (22)
      • Correlated list of advisories
      • Advisory - Firefox Denial of service (Keygen)
      • About the different risk ratings of Anti-virus byp...
      • Advisories - Firefox DoS (unclamped loop)
      • IIS 5 / IIS 5.1 / IIS 6 Webdav unicode - the bug t...
      • RSA and DSA - misconceptions and usefull informati...
      • Advisories : Panda multiple evasions
      • Advisories - Avira, Bitdefender generic PDF evasio...
      • Advisory: Clamav generic evasion (CAB)
      • Advisory : F-Prot - Generic evasion (RAR,ARJ,LHA)
      • Advisory - Clamav generic bypass (RAR,CAB,ZIP)
      • F-prot generic evasion (TAR)
      • IIS 6 / IIS 5 / IIS 5.1+ Webdav auth bypass (updat...
      • Advisory : Apple Safari remote code execution
      • Advisory: Apple Safari & Quicktime DoS
      • Advisory : Frisk F-prot evasion (TAR)
      • Advisory : Norman generic evasion (RAR)
      • Advisory - Ikarus multiple generic evasions
      • The myth of the untrusted Insider, the 80% lie - b...
      • 100th post : What about the big guys (Symantec,IBM...
      • Advisory : Kaspersky generic PDF evasion
      • Advisories : AVG, F-prot, Trendmicro(update)
    • ►  Apr 2009 (16)
      • Off to holidays - small gimmick
      • Advisory(ies) - Nod32, Trendmicro
      • Advisory : Firefox Denial of Service (KEYGEN)
      • Advisories - Aladdin eSafe, Avira Antivir, Comodo
      • Advisory - Firefox DoS condition (unclamped loop)
      • Dear Thierry, why do you behaved like an arrogant ...
      • Advisory : Panda generic evasion (TAR)
      • Advisory: Panda generic evasion (CAB)
      • Advisory : SUN / ORACLE JVM Remote Code execution
      • Advisory : Bitdefender generic evasion (PDF)
      • Advisory : Avira Antivir generic evasion (PDF)
      • Advisories - Fortinet, NOD32, Bitdefender, Avast
      • A case for Anti-Virus bypasses/evasions
      • Advisory : F-Prot (Frisk) - CAB bypass / evasions
    • ►  Mar 2009 (17)
    • ►  Feb 2009 (7)
    • ►  Jan 2009 (7)
  • ►  2008 (31)
    • ►  Dec 2008 (2)
    • ►  Nov 2008 (7)
    • ►  Oct 2008 (7)
    • ►  Sep 2008 (3)
    • ►  Aug 2008 (12)
  • ►  2007 (7)
    • ►  Oct 2007 (1)
    • ►  May 2007 (1)
    • ►  Apr 2007 (2)
    • ►  Mar 2007 (1)
    • ►  Feb 2007 (1)
    • ►  Jan 2007 (1)
  • ►  2006 (6)
    • ►  Dec 2006 (1)
    • ►  Aug 2006 (2)
    • ►  Mar 2006 (1)
    • ►  Feb 2006 (1)
    • ►  Jan 2006 (1)
  • ►  2005 (9)
    • ►  Oct 2005 (1)
    • ►  Apr 2005 (7)
    • ►  Jan 2005 (1)
  • ►  2000 (1)
    • ►  Mar 2000 (1)

Labels

  • 0day (5)
  • Advisory (52)
  • Bluetooth (3)
  • BTcrack (4)
  • Hardware hacking (1)
  • How-to (5)
  • Lectures (1)
  • Misc (5)
  • Omron 3S4YR-MVFW Card reader (3)
  • Rants from Thierry (19)
  • Tool (13)
  • Vulnerability disclosure Policy (1)
  • Vulnerabilties (10)
  • Whitepaper (1)
  • zero day (1)

Blogroll

  • Crash Dump Analysis
    Icons for Memory Dump Analysis Patterns (Part 4)
    4 hours ago
  • Acunetix Web Application Security Blog
    IIS Web Server Security how to
    6 hours ago
  • Security Database Tools Watch
    Samhain v2.6.3 & Beltane v2.3.19 released
    7 hours ago
  • Ma petite parcelle d'Internet...
    Des malwares dans nos devices...
    12 hours ago
  • TaoSecurity
    Bejtlich OWASP Podcast Posted
    1 day ago
  • Security4all
    IE6 & IE7 zero day published in Microsoft Security Advisory 981374
    1 day ago
  • The Security Development Lifecycle
    Telling their SDL stories: IE8 and Office 2007
    2 days ago
  • Didier Stevens
    Frisky Solitaire – Another Info Stealer
    2 days ago
  • Chatter on the Wire: How excessive network traffic gives away too much!
    Web fingerprinting
    3 days ago
  • PornoSecurity
    Scary monsters (and super creeps)
    1 week ago
  • ADD / XOR / ROL
    Trainings class with SP and me at CSW !
    1 week ago
  • Security Vulnerability Research & Defense
    Help keypress vulnerability in VBScript enabling Remote Code Execution
    1 week ago
  • Amrit Williams Blog
    Client Hosted Virtual Desktops Part 1; Own the OS
    1 week ago
  • Oracle Security Blog
    2 new ways to create error messages
    1 week ago
  • www.notsosecure.com
    Hacking Oracle From Web
    2 weeks ago
  • Ivanlef0u's Blog
    Padocon CTF | Karma300
    3 weeks ago
  • Adulau Wiki
    2010-02-14 Contribute Or Die
    3 weeks ago
  • Matasano Chargen
    Exercises for a burgeoning Army of Ninjas
    1 month ago
  • Nth Dimension/:: Negatively discriminating against idiots since 1995!
    0x3e3e7f56 ^ 0x585f163a = "fail"
    2 months ago
  • Debugging Toolbox
    Special Command—Unassembling code with u, ub and uf
    4 months ago
  • KK's Blog
    Visual Studio 2010 Beta 2 debugger may be confused by your symbol path
    4 months ago
  • Michael Howard's Web Log
    Security Sessions at TechEd in Australia and New Zealand
    6 months ago
  • WhyNot
    Back to the reality!
    6 months ago
  • David LeBlanc's Web Log
    Before We Had MSRC
    7 months ago
  • Disassembling logic at its best
    Binary Leetness 300 Comic
    7 months ago
  • Ero Carrera
    Polip and entry point obfuscation
    8 months ago
  • Joshua Wright
    No More iWeb
    10 months ago
  • haxorcize's blog
    A lil’ bit about NDIS, Windows Firewall and the undocumented Firewall-Hook Drivers Interface
    1 year ago
Show 25 Show All

Twitter Updates

    follow me on Twitter

    Interesting links

    • Beatrix
    • CASES - Security Awareness
    • Hack.lu
    • Heise Security
    • Joebox
    • Korbens Blog
    • Metasploit
    • PYRIT - WiFi
    • Security-Database.com
    • Security4all Blog
    • w00t-shell
    • Wonder how-to

    Support

    Support
    Bogdan Calin

    Subscribe To

    Posts
    Atom
    Posts