infected krb5-1.3.5.tar?

Ken Raeburn raeburn at MIT.EDU
Tue Sep 28 12:22:42 EDT 2004


On Sep 28, 2004, at 09:27, Schult, Pascal wrote:

> Hello,
>
> got problem downloading the actual kerberus.
> http://web.mit.edu/kerberos/dist/krb5/1.3/krb5-1.3.5.tar
> a document seems to be infected.
>
> Content of tar file is a virusmessage:

I just fetched the file and it looks fine.  The tar file contains two 
files, krb5-1.3.5.tar.gz (the real source for the release) and 
krb5-1.3.5.tar.gz.asc (a PGP signature for the former).

>
> <html><head><title>Virus report</title></head>
> <body><h1>Virus report (mail)</h1>
> Virus was found and quarantined in 
> http://web.mit.edu/kerberos/dist/krb5/1.3/krb5-1.3.5.tar:<p>
> Found virus MacroStripped in file 
> krb5-1.3.5/src/lib/crypto/aes/vbaxam.doc (in krb5-1.3.5.tar)<p>
> The file krb5-1.3.5.tar is moved to /var/iscan/virus/virPMeg23.<p>

Do you have some sort of interesting web proxy or anything?  Or some 
kind of fetch-by-mail mechanism where a virus scanner would interfere?

We do have a Word document vbaxam.doc in that directory; it came with 
the AES code we picked up.  It contains VBA code demonstrating the use 
of the library.  But it's not used as part of the build, not installed, 
etc.  It's just there in case someone wants it for reference.

Ken



More information about the Kerberos mailing list