MAILsweeper SMTP 4.2.1 + F-Secure Anti-Virus 5.0.2/5.2.1 - File Scanner Malicious Archive Denial of Service

EDB-ID:

21006

CVE:


EDB Verified:

Author:

Michel Arboi

Type:

dos

Exploit:   /  

Platform:

Windows

Date:

2001-07-12

Vulnerable App: 
source: https://www.securityfocus.com/bid/3027/info

A wide range of products exists for scanning enterprise email and filesystems for files containing viruses and other undesirable content.

These products handle compressed files by temporarily unzipping them and scanning their uncompressed contents.

It is possible to construct an archive with an unusually high compression ratio, resulting in a small file which grows to extreme size when uncompressed.

When a scanner process unpacks such an archive to examine its contents, the resulting file may be so large that it consumes significant amounts of available disk space.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21006.zip
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services