Sophos eats CPU with large compressed files when intercheck examines a file (the file emvt30 from Microsoft's d/l killed my 800 athlon on a 4 disk IDE s/w stripe (NT4)and 384Meg for 10's of minutes - I gave up and killed it eventually, but that was hard going too!) John Haines -----Original Message----- From: Michel Arboi [mailto:arboiat_private] Sent: 17 June 2001 23:11 To: VULN-DEVat_private Subject: Antivirus scanner DoS with zip archives Some time ago, MimeSweeper could be killed in a rather simple way: Compress with zip a 1 GB file filled with zeros, and attach the 1MB (*) result to an e-mail. MimeSweeper tried to allocate 1 GB of memory and died. (*) The maximum compressing ratio with the Zip algorithm is ~ 1:1000 This bug is supposed to be fixed in the last versions (I did not check). ******** Instead of trying to eat all the memory, we could try to eat the CPU like this: <stuff deleted>
This archive was generated by hypermail 2b30 : Mon Jun 18 2001 - 15:22:39 PDT