Hello,

We are using Merak mail server with integrated avast antivirus.
Unfortunately it vulnerable to decompression bomb DOS attacks. >:(
Is there any way to adjust integrated antivirus engine like it could be made
in standalone product (using .ini file)

Best regards
Ilya

Do you mean it’s vulnerable against files that the ordinary avast! Home/Pro handles correctly?

I don’t know about ordinary avast (I’ve seen on this board it’s behavior can be changed by using INI file) but antivirus integrated to Merak mail server eats all resources trying to decompress 42.zip file sent as attachment. And there is no INI files to control it’s behavior.

Hi ilyaa,

Some info here:
http://www.aerasec.de/security/advisories/decompression-bomb-vulnerability.html

polonus