infected krb5-1.3.5.tar?
Ken Raeburn
raeburn at MIT.EDU
Tue Sep 28 12:22:42 EDT 2004
On Sep 28, 2004, at 09:27, Schult, Pascal wrote:
> Hello,
>
> got problem downloading the actual kerberus.
> http://web.mit.edu/kerberos/dist/krb5/1.3/krb5-1.3.5.tar
> a document seems to be infected.
>
> Content of tar file is a virusmessage:
I just fetched the file and it looks fine. The tar file contains two
files, krb5-1.3.5.tar.gz (the real source for the release) and
krb5-1.3.5.tar.gz.asc (a PGP signature for the former).
>
> <html><head><title>Virus report</title></head>
> <body><h1>Virus report (mail)</h1>
> Virus was found and quarantined in
> http://web.mit.edu/kerberos/dist/krb5/1.3/krb5-1.3.5.tar:<p>
> Found virus MacroStripped in file
> krb5-1.3.5/src/lib/crypto/aes/vbaxam.doc (in krb5-1.3.5.tar)<p>
> The file krb5-1.3.5.tar is moved to /var/iscan/virus/virPMeg23.<p>
Do you have some sort of interesting web proxy or anything? Or some
kind of fetch-by-mail mechanism where a virus scanner would interfere?
We do have a Word document vbaxam.doc in that directory; it came with
the AES code we picked up. It contains VBA code demonstrating the use
of the library. But it's not used as part of the build, not installed,
etc. It's just there in case someone wants it for reference.
Ken
More information about the Kerberos
mailing list