I have tested Avast! with the Antivirus Scanners DoS attack as reported on bugtraq. I finally got tired of waiting for the manual scan to complete after several minutes, and I cancelled the operation. Is Alwil aware of this? Is there a fix in progress?
[i]I doubt how many Antivirus/Trojan/Spyware scanners will choak to death while having a “manual scan” of this file. Please go ahead and give it a try.
I was woundering, what would be the results if such file gets stucked in an “AV gateway”[/i]
I tested this file, and Avast! can’t find the Escar file in the zip.
In my experience, once an exploit is reported it’s only a matter of time before it is seen in the wild. I was asking if Awlil was aware of the problem and if they are working on a solution.
Actually on my P4/3GHz the eicar is found in about 3 minutes… but anyway it’s not good. We’ll find a solution.
Please note that this ZIP is actually one of many - similar techniques exist and have been shown for all major archive formats and use different tricks. So a general solution is not really simple to find…
I tested it again without stopping it. Big mistake.
AMD XP-M 2500+ Avast Professional
After 20+ minutes the scanner crashed because it ran out of disk space. It used all 20G of free space I had. I had to restart and manualy delete the temp files.
I ran a boot scan and it scanned the zip quickly but did not find the eicar.
Tried a different machine.
AMD 64-M 3000+ Avast Home
Found the eicar in 11 minutes with no other problems. I did not try the boot scan on this machine. (40G of free disk space)