There is a big hole in the virus scanner. I was reading up on trend micros Viruswall and saw a vunlerability issue posted. I read up on it and basically the proxy receives a document from a web server with real content, but which is preceded by a HTTP header with content-length field set to 0, it will pass the document to the client without scanning it.
I did the test to see if Astaro is vulnerable to it and it is! here is the website:
http://www.inside-security.de/vwall_cl0_poc.html
This is bad. Can anybody at astaro tell us is there a setting on Astaro to configure the scanner to not skip scanning if content = 0?
This thread was automatically locked due to age.
