-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AMaViS Security Announcement Date: 12/11/2000 affected version(s): AMaViS-Perl below AMaViS-Perl-10 Vulnerability Type: script viruses (i.e. vbs worms) may not be detected Priority: urgent Solution: upgrade to AMaViS-Perl-10 Author: Lars Hecking Rainer Link Advisory ID: ASA-2000-5 - --------------------------------------------------------------------------- 1. Problem description AMaViS-Perl uses a Perl module to decode (uudecode/xxdecode or binhex) every file which is recognised by file(1) as ASCII, text, uuencode, xxencode or binhex. If a (ASCII, text) file is _not_ encoded, the resulting file is zero bytes long and the original file will be deleted as usual as AMaViS-Perl fails to detect this error case. Therefore the virus itself will be deleted. 2. Impact Obvious. This bug can let script viruses go undetected. 3. Solution Upgrade to AMaViS-Perl-10. 4. Acknowledgement This bug was discovered accidentally by Lars Hecking. 5. References https://sourceforge.net/projects/amavis/ http://www.amavis.org/ 6. Revision History 12/11/2000: initial release =========================================================================== - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDjaUVwRBACPlluFzjLsjxV4ynz41Zk1S2GLF1/U3xE2HNcfk+a2Ij6sH64O yPtBR9WX9x/QW3g9LnW86DHWgnh408D7jtd4/imJDyiNGqMregmkDjEWa6TIsXwB RlG/DRpFbfwc4yRqQPklcgCIH/KlxgkJ1QTezpltRiQBfpWZKOrA1tLGGwCgw4/o pU+RdnilbrDc6MZx7WQkzKED+QEUt4/++VyvPZjQCOmxFk4GpQZNP99D40eJFwyx JkRGVl4f1wAgi0Q3NSSJyl1j9qGxz0c8DmR1F0yJtyg8+fqpKomtg+lHasvELom4 g0cGjnjtwx7sgtga4BIxUUpWTZLkMftWQigWgwWp3e5b6RCfHTUxuOUtgBBmjQB8 x04ABACNTYjjBcUKJYzp3Hx8wz39MVznYl8KXuXHIGY0ccbPmv3J6zjXvSr4++AZ +U1qUSGJUyW0xpSWnsxHRI/qkiI5KPNbLYPFMbYjLHH2H5grjdnw7X71NAEW13Mv 0V9Fgs1mn93BkVn8V+U8vGPcgwTegcEWCe6V06HZD6Ep46W7drQnUmFpbmVyIEhl cm1hbm4gTGluayA8UmFpbmVyTGlua0BnbXguZGU+iFYEExECABYFAjjaUVwECwoE AwMVAwIDFgIBAheAAAoJEJsaBUwTtEB5iDoAoI+nE3VeD0gGtuaTHhLmKPA7rfmJ AKCf+H996kGJ65ZmqWsTrV2iuyqniIkBIgQQAQEADAUCONuGTwUDAeEzgAAKCRCX VPlSyTX7PUP3CACZG7hK9GMg7gL2pWs6ZEPC+ANUGh3KL5F/cYjngQJf+YABXvJ/ g8Up0voHooSq+lGQMxPZjK2sxLF/aOkmRW+r/uC1pxwbAOLgRRC/X33CVA+XhJ0r UvYJGHUjDRoe690vWkxyDDCVGVlsD3+5w7Ljsq0hoiRFF+32HyJzHY1bcC3d+W5V IPBze9bJvcDspJbCOXVc87d2tOfYR85mdOcsotNhAZJWtZvBkhj9xvxlu8BrAOUe e+1ZbeMNlrDnmMGMYc2kF4gSbAHfmYR9Zepng60s5rWktEUzlJoUDRPKI2FmNT3E K9dycZXhsdcDUnzAimm4MrvEn2pexSC2rE4NtCJSYWluZXIgSGVybWFubiBMaW5r IDxsaW5rQHN1c2UuZGU+iFUEExECABYFAjlosj0ECwoEAwMVAwIDFgIBAheAAAoJ EJsaBUwTtEB5yj0AniSu6k2wR6LF122b5aUVUwhXoHtlAJdMS/Gijbx8m4MI9thX qXp5azRNtClSYWluZXIgSGVybWFubiBMaW5rIDxSYWluZXIuTGlua0BzdXNlLmRl PohWBBMRAgAWBQI5aLJjBAsKBAMDFQMCAxYCAQIXgAAKCRCbGgVME7RAeWHEAJ45 eGd260EM04tUuIhh2fxI0RyhPwCfVU8nrwC7pbwj7Dsa07fvwE0soYW5Ag0EONpS FBAIAJoCSZEyxdupx95EPn8XPGV7ugg+5BMIDTA6J30HD78RQQkDQCBMTDLCcMpz uukxXByAUMUNpf8RlZEN9U582BjdPYNYRa4VP5QJbvpjC08YeWQs+sD3n0HT/ArL FGlC+rSf1vJoaKI2ggTlRV1L04yEhCEH9zQDPKjFH4aIci2IghOJB/xZaRF69khN IlifD8SglIQ9FcEhc5+sUIZdeu/+XVlgwgBc4XF7+W40PNZ4uXMhElbzGP5jqTdo nFS+AlV/OsElQ+ma4atZicfVjRaVTxovAl91ZeVr5v7XGvpvh3rmtOyP/pVYf4ii 5Y6nu8OFXGo4Bsx3FqSZkQ2jh3cAAwUIAICCSuAuPCYaKYA168gNDZjsadQNhCpw 2o7zsKpSmQ6hxd4aRQ1TO631nNDx2D+/ffk7ET5VT3n4gezUn2ITZHdrTk1GUpLR 3czoMZIBL6Eit9mEmRe1XZ/3Q5lEUZHm8wEqqIZPPVhxZAFXDBucQlPO1lFKd8rM UC+3+oU7RF9PpwzdQ+d/iMGmFMKXTH7o2qRV64cVMkWuMpMQARfA+i3YGPqqZfIb dlMHXJ0oA32+eTUqOTtucD64XvcYSUQQ1tsHeijvrHq71zLfL6t1Dhwt+JDRMz3S fDggxQs2oaB9Y+rxfbX7ajcHl0rc67sTTC+wDXIq+25FhnYPu+NV6kmIRgQYEQIA BgUCONpSFAAKCRCbGgVME7RAeTYdAKCifLnHBBVPhcSRRffljCryGujZJQCfYcrQ VrZ22GYrSJJn3sNjQKAHd3w= =Fsd9 - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: Weitere Infos: siehe http://www.gnupg.org iD8DBQE6NTs/mxoFTBO0QHkRAqRpAJ9MlL/MYBXBoHQ7zMgGc57BVTNdGQCgoKed EuhcY4RJI8U7AEG9IXem77k= =UWlO -----END PGP SIGNATURE-----