Network Security: Detailed info on Re: Re: Begs a question: AV in Linux (correction)

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Focus-Linux

[Top] [All Lists]

Re: Re: Begs a question: AV in Linux (correction)

from [Antoine Martin] Network Security

[Permanent Link]

Subject:	Re: Re: Begs a question: AV in Linux (correction)
Date:	Mon, 06 Feb 2006 18:11:08 +0000

Is a little misleading:
wine - Just because a windows exploit exists in windows, does not mean it 
exists in wine.
For example - if windows has a buffer exploit somewhere in its dlls,

True for buffer overflows.

that does not mean it will exist in wine (and vice-versa). This is
because the wine team is re-implementing the windows API without
looking at the windows code, and the implementations will differ.

The code will differ but the interface won't (or shouldn't) and if the
virus uses that interface to get its hooks, it will still work:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0106
"the same vulnerability as CVE-2005-4560 but in a different codebase."

Not correct in the least - openoffice can't run word macros (although
you can chose to preserve them).

I think the point was about the potential danger of macros in general
and the fact that an AV will spot them quite easily.

Antoine

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Re: Begs a question: AV in Linux (correction), blahblah Re: Begs a question: AV in Linux (correction), lucien Fransman Re: Re: Begs a question: AV in Linux (correction), Antoine Martin <= Re: Re: Begs a question: AV in Linux (correction), Eric Rostetter Re: Begs a question: AV in Linux (correction), Alan McKinnon

Previous by Date:	Re: Begs a question: AV in Linux (correction), lucien Fransman
Next by Date:	Re: Re: Begs a question: AV in Linux (correction), Eric Rostetter
Previous by Thread:	Re: Begs a question: AV in Linux (correction), lucien Fransman
Next by Thread:	Re: Re: Begs a question: AV in Linux (correction), Eric Rostetter
Indexes:	[Date] [Thread] [Top] [All Lists]