Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?

To: Davide Prina <Davide.Prina@null.net>
Cc: debian-security@lists.debian.org
Subject: Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
From: Sebastian Rose <sebastian_rose@gmx.de>
Date: Mon, 20 Jun 2022 18:10:45 +0200
Message-id: <[🔎] 87sfnzs4ca.fsf@gmx.de>
In-reply-to: <[🔎] trinity-b2e27087-5900-40c4-acfa-7681092c09e0-1655542873199@3c-app-mailcom-lxa15> (Davide Prina's message of "Sat, 18 Jun 2022 11:01:13 +0200")
References: <[🔎] CA+3C0Q7uCt_d37f1bQU=xw99EVu8GXarFhHxTM=N0W9MXWcgeg@mail.gmail.com> <[🔎] trinity-b2e27087-5900-40c4-acfa-7681092c09e0-1655542873199@3c-app-mailcom-lxa15>

Davide Prina <Davide.Prina@null.net> writes:
> Corey H wrote:
>
>> how do you guys test all of the potential PNG/JPG potential malware payloads

What's your use-case? As I'm not aware of an vector for GNU/Linux in
normal everyday use¹, I guess you host files for Windows clients?

Did anyone mention ClamAV already? If so, please ignore me (sorry for
not following closely...).

 - Sebastian

¹ One can execute every file on GNU/Linux. But the attack is that
execution of a file, not the file (otherwise we'd have to consider `rm',
`gpg', `scp', and many more malware, too).

-- 
As I was walking down Stanton Street early one Sunday morning, I saw a
chicken a few yards ahead of me.  I was walking faster than the chicken,
so I gradually caught up.  By the time we approached Eighteenth Avenue,
I was close behind.  The chicken turned south on Eighteenth.  At the
fourth house along, it turned in at the walk, hopped up the front steps,
and rapped sharply on the metal storm door with its beak. After a
moment, the door opened and the chicken went in.

                      (Linda Elegant in "True Tales of American Life")

Reply to:

Follow-Ups:
- Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
  - From: Noah Meyerhans <noahm@debian.org>
- Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
  - From: Shubo <Shubo@galbo.io>
- Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
  - From: Corey H <user9de1d@gmail.com>

References:
- How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
  - From: Corey H <user9de1d@gmail.com>
- Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
  - From: Davide Prina <Davide.Prina@null.net>

Prev by Date: Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
Next by Date: Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
Previous by thread: Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
Next by thread: Re: How do you guys handle PNG/JPG binary files with potential payloads for all the image viewers?
Index(es):
- Date
- Thread