Date: Wed, 23 Jun 2004 11:01:41 GMT From: dawnshade <h-k@mail.ru> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/68234: pop3vscan pass viruses to clients. Message-ID: <200406231101.i5NB1fMI099386@www.freebsd.org> Resent-Message-ID: <200406231110.i5NBAH9G023800@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 68234
>Category: ports
>Synopsis: pop3vscan pass viruses to clients.
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Jun 23 11:10:16 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: dawnshade
>Release: 5-CURRENT
>Organization:
>Environment:
FreeBSD gw 5.2-CURRENT FreeBSD 5.2-CURRENT #1: Fri Mar 19 16:40:08 MSK 2004 root@gw:/usr/obj/usr/src/sys/6 i386
kern.osreldate: 502108
>Description:
Output message "TNEF_decode_tnef: Bad TNEF signature, expecting 223e9f78 got 789f3e22
TNEF read_16() Attempting to read past end" on ttyp0 and pass virus to client MUA.
Compiled WITHOUT_UVSCAN=YES. Using with clamav-0.73 from ports.
>How-To-Repeat:
1) Install with WITHOUT_UVSCAN=YES
2) ipfw add 4000 fwd 192.168.0.1,8110 tcp from 192.168.0.0/24 to not me 110
3) Try to recieve some message with virus.
BTW, on 4.X releases this bug not shown.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200406231101.i5NB1fMI099386>