New Exploit?

[Wess Bechard]

    [ The following text is in the "utf-8" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

Do not worry about me. :)

My servers run Gentoo, so applying updates on a weekly basis is fairly
trivial.  This morning's update will likely upgrade ClamAV if I have the
older version. 

Speaking of updates, I just installed Ubuntu Server at home this weekend
on my webserver box.  I imagine Ubuntu Server will grow into a very nice
server OS, as Ubuntu's team rolls updates out quickly via apt.

I do realize it is silly to assume you are always safe, but in my case I
take precautions to limit the danger by dedicating Monday morning as
patch up, and roll out time.

[ebuild     U ] app-antivirus/clamav-0.87.1 [0.87]

Yep,  Servers updating clamav package right now :)


On Mon, 2005-11-07 at 10:19 -0300, Leonardo Helman wrote:

 Famous last words...

Probably your servers will not be so fine

  http://www.securityfocus.com/archive/1/415723

Saludos

--  
Leonardo Helman
Pert Consultores
Argentina


On Fri, Nov 04, 2005 at 04:46:54PM -0500, Wess Bechard wrote:
> 
>    ClamAV isn't on the list, so at least my servers will be fine.
>    I'm  going  to  guess that the file utility will not likely miss-guess
>    the header, so it may be a good idea to have the linux file utility do
>    its job.
>    On Fri, 2005-11-04 at 15:34 -0600, Mike Kercher wrote:
> 
> Has anyone read this?
> 
> [1]http://www.security.ithub.com/article/Virus%20Scanners%20Made%20Moot%20by%20
> New%20Exploit/164278_1.aspx
> 
> Thoughts?
> 
> Mike
> 
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email [2]jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki ([3]http://wiki.mailscanner.info/) and
> the archives ([4]http://www.jiscmail.ac.uk/lists/mailscanner.html).
> 
> Support MailScanner development - buy the book off the website!
> 
>    ------------------------ MailScanner list ------------------------
>    To unsubscribe, email [5]jiscmail at jiscmail.ac.uk with the words:
>    'leave mailscanner' in the body of the email.
>    Before posting, read the Wiki ([6]http://wiki.mailscanner.info/)
>    and the archives
>    ([7]http://www.jiscmail.ac.uk/lists/mailscanner.html).
>    Support MailScanner development - buy the book off the website!
> 
> References
> 
>    1. http://www.security.ithub.com/article/Virus%20Scanners%20Made%20Moot%20by%20
>    2. mailto:jiscmail at jiscmail.ac.uk
>    3. http://wiki.mailscanner.info/
>    4. http://www.jiscmail.ac.uk/lists/mailscanner.html
>    5. file://localhost/tmp/jiscmail@jiscmail.ac.uk
>    6. http://wiki.mailscanner.info/
>    7. http://www.jiscmail.ac.uk/lists/mailscanner.html

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!


------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/)
and the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!