Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Virex on-access scanning unreliable

from [hahn] Network Security [Permanent Link]
Subject: Virex on-access scanning unreliable
Date: 28 Feb 2006 08:08:05 -0000 
Vulnerability:
The on-access scanner of McAfee Virex 7.7 for Mac is unreliable and fails the 
EICAR test. 

Using any webbrowser to download the EICAR testvirus from 
http://www.eicar.org/anti_virus_test_file.htm will not trigger the Virex 
on-access scanner and will not be noticed in most cases. If Virex does notice 
and report it, it will never prevent it from being saved to disk, even if the 
user tells Virex to delete the infected file.

Other scenarios where Virex on-access scanner fails might be possible.

Severity:
Moderate as long as Mac is not targeted by real viruses.
Fatal as soon as the first true virus epidemic for OS X appears.

McAfee notified 2006/02/17, denied responsability for the product and referred 
to Apple.
Apple notified 2006/02/17, denied responsability for the issue and referred to 
McAfee.
Published 2006/02/28 on Bugtraq.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • Virex on-access scanning unreliable, hahn <=
Previous by Date:  Re: NETGEAR WGT624 Wireless DSL router default user name/password vulnerability, Adam Chesnutt
Next by Date:  Re: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities, Daniel Veditz
Previous by Thread:  [security bulletin] SSRT061118 rev.1 - HP System Management Homepage (SMH) Running on Windows: Remote Unauthorized Access, security-alert
Next by Thread:  [ MDKSA-2006:051 ] - Updated gettext packages fix temporary file vulnerabilities, security
Indexes:  [Date] [Thread] [Top] [All Lists]