[Clamav-devel] Possible bypass via gz?

Brandon Perry bperry.volatile at gmail.com
Sat Feb 22 16:46:04 EST 2014


Hey guys,

Is this going to need a CVE? I can forward the info onto oss-sec list
and get a CVE assigned.


On 02/17/2014 08:12 AM, Matt Olney wrote:
> Thanks, Bradon.  We'll review this.
>
>
> On Sun, Feb 16, 2014 at 7:29 PM, Brandon Perry <bperry.volatile at gmail.com>wrote:
>
>> Hi,
>>
>> Not sure if this person is using an old version of ClamAV and I haven't
>> attempted this, but he alleges he has found a way to bypass gzip'ed
>> tarballs by modifying a specific byte within the headers.
>>
>>
>> http://www.exploit-db.com/wp-content/themes/exploit/docs/31685.pdf
>>
>> Hope this is the correct place to report this.
>> _______________________________________________
>> http://lurker.clamav.net/list/clamav-devel.html
>> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net



More information about the clamav-devel mailing list