An important addition to the Acrobat question, issued by the NTBugtraq moderator shortly after the original claim was posted: -----------------begin quoted message---------------------- Interim Update: James is in a seminar today, and while I was able to drag him out of it long enough to ask a few questions, some will remain unanswered until tomorrow (when he can get to the source messages he has). - They found NetBusPro.dr in a pre-released version of Adobe Acrobat Reader 4.0 - They reportedly got a response from Adobe indicating it had been put there, and that "nobody has reported it to cause any problems". When I spoke to Adobe Customer Service, they could not find any reference to NetBus being included, officially, in any of their Acrobat released products. Several posters have stated they do not find NetBus when scanning with McAfee (various versions) against the released Adobe Acrobat 4.0 package (note, I don't believe this is the same package James was referring to). I received a message from one poster that included a snippet of a message he received from a member of the anti-virus research community within which, was a supposed response from McAfee. McAfee was supposedly acknowledging that this was a false detection within their 4.0.4017 .DAT file. The response said that this would be fixed "in a future update of the .DAT files). I downloaded and checked the McAfee 4.0.4019 .DAT file WhatsNew.txt file, but it makes no mention of any false detection, or whether or not its been corrected. James has not scanned it with 4.0.4019 so cannot say if it has, in fact, disappeared or not. My apologies for how long this response has taken. James' message caused a flood of responses and I had hoped to get him to give us some more facts. It took me a while to track down his pager number (ain't social engineering fun!), hence the delay. I have messages into the senior researchers at NAI, but as yet they haven't responded either. Without accurate info about precisely where James got precisely what, its hard to ask Adobe many more questions than I already have. I truly goofed in sending this one out without a little more clarification in advanced...tsk, tsk... More when something useful arises. Cheers, Russ - NTBugtraq moderator ------------------end quoted message----------------------- Forgive the length of the quote, but, considering the content, it seems justified. --Dave -=-=-=-=-=-=-=-=-=-= Dave Carter Manager, Data Systems Global Security Technical Operations Motorola
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:41:45 PDT