Message-ID: <200406141042.06709.npguy@websurfer.com.np>
From: npguy at websurfer.com.np (npguy)
Subject: Antivirus/Trojan/Spyware scanners DoS!

Clam uses the unzip utility outside its process space. If unzip itself is
vulnerable (not in the case of Linux), then clam may face a similar problem.
Check "manager.c" of clam 0.15:

    if(strbcasestr(filename, ".zip")) {
        char *args[] = { "unzip", "-P", "clam", "-o", (char *) filename, NULL };
        if((userprg = getargl(opt, "unzip")))
            ret = clamav_unpack(userprg, args, tmpdir, user, opt);
        else
            ret = clamav_unpack("unzip", args, tmpdir, user, opt);

On Monday 14 June 2004 09:36 am, Syke wrote:
> $ clamscan -V
> clamscan / ClamAV version 0.71
> $ clamscan SERVER_dwn.zip
> SERVER_dwn.zip: Eicar-Test-Signature FOUND
>
> ----------- SCAN SUMMARY -----------
> Known viruses: 21951
> Scanned directories: 0
> Scanned files: 1
> Infected files: 1
> Data scanned: 20.13 MB
> I/O buffer size: 131072 bytes
> Time: 5.447 sec (0 m 5 s)
>
> No problems for me.
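
An added illustration, not part of the original message and not ClamAV's code: because the scanner hands the archive to an external helper, the helper's resource use can be capped in the child process before exec, so a hostile archive stops the helper instead of the host. The function name, result codes and the use of tmpdir as the extraction directory are assumptions made for this sketch.

```c
#include <errno.h>
#include <signal.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical result codes for this sketch; they are not ClamAV's. */
enum unpack_result { UNPACK_OK, UNPACK_FAILED, UNPACK_LIMIT, UNPACK_ERROR };

/*
 * Run an external unpacker (argv[0], e.g. "unzip") inside tmpdir with hard
 * caps on CPU seconds and on the size of any single file it writes.
 * Assumption: tmpdir is the scratch directory the helper extracts into.
 */
int bounded_unpack(char *const argv[], const char *tmpdir,
                   rlim_t cpu_secs, rlim_t max_file_bytes)
{
    struct rlimit cpu = { cpu_secs, cpu_secs };
    struct rlimit fsz = { max_file_bytes, max_file_bytes };
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return UNPACK_ERROR;
    if (pid == 0) {
        /* Ignored signals survive exec; restore defaults so limits kill. */
        signal(SIGXCPU, SIG_DFL);
        signal(SIGXFSZ, SIG_DFL);
        /* If any cap cannot be applied, do not run the helper at all. */
        if (chdir(tmpdir) != 0 || setrlimit(RLIMIT_CPU, &cpu) != 0 ||
            setrlimit(RLIMIT_FSIZE, &fsz) != 0)
            _exit(126);
        execvp(argv[0], argv);
        _exit(127);                       /* helper not found or not runnable */
    }
    while (waitpid(pid, &status, 0) < 0)
        if (errno != EINTR)
            return UNPACK_ERROR;
    if (WIFSIGNALED(status)) {
        int sig = WTERMSIG(status);
        /* SIGXCPU/SIGXFSZ mean a cap was hit; SIGKILL is the hard CPU limit. */
        if (sig == SIGXCPU || sig == SIGXFSZ || sig == SIGKILL)
            return UNPACK_LIMIT;
        return UNPACK_FAILED;
    }
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? UNPACK_OK
                                                           : UNPACK_FAILED;
}
```

RLIMIT_FSIZE bounds each output file, not the total written, so the scratch directory still needs a quota or its own filesystem to bound an archive with many members.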