Zip of Death

Ernest W. Lessenger ernest at OACYS.COM
Mon Jun 9 22:09:19 IST 2003

I just sent it through my system and both the primary (f-prot) and
secondary (Norman AV) scanners caught it. Trend Micro running on my
computer caused a blue-screen in Windows XP :)

Good news is I don't think my proxy server will be affected by this
particular file. Bad news is I now know how to create one that will kill
it. I'll have get the developer to patch :(


At 04:55 PM 6/9/2003 -0400, you wrote:
>I sent this thru my current MS setup and CLAMAV found it in a hearbeat!!!!
>Thanks for the resource link!
>Michael Weiner
>-----Original Message-----
>From: Steffan Henke [mailto:henker at SHCOM.US]
>Sent: Monday, June 09, 2003 4:43 PM
>Subject: Re: Zip of Death
>On Mon, 9 Jun 2003, Ernest W. Lessenger wrote:
> > I'd be happy to know how to defend against this (presumably by watching
> > for a loop in the decompression routing), or happier to have a sample to
> > test with. PLEASE DON'T EMAIL IT LIVE!!!!
>You could download a testfile from here: ,
>it's the link "why anti viruses don't work" at the bottom of the page.
>Norton seems to choke on it, not sure about other products.

More information about the MailScanner mailing list