[clamav-users] Bad signature?

Angel Villegas anvilleg at sourcefire.com
Thu Apr 20 08:43:02 EDT 2017


This is caused by a subset of the detection pattern used in the bytecode
signature BC.Win.Exploit.CVE_2017_0060-6099223-0. This is a warning and
doesn't impact detection of the bytecode in ClamAV. An updated version of
this signature will be published to replace the current version.

Thanks,
Angel M. Villegas

On Thu, Apr 20, 2017 at 8:40 AM, Eric Tykwinski <eric-list at truenet.com>
wrote:

> This doesn't seem to be impacting anything, but getting the following error
> on ClamAV reload:
> LibClamAV Warning: Don't know how to create filter for:
> BC.Win.Exploit.CVE_2017_0060-6099223-0.{}
> LibClamAV Warning: cli_ac_addpatt: cannot use filter for trie
>
> Freshclam log:
> --------------------------------------
> ClamAV update process started at Thu Apr 20 08:32:52 2017
> WARNING: Your ClamAV installation is OUTDATED!
> WARNING: Local version: 0.99 Recommended version: 0.99.2
> DON'T PANIC! Read http://www.clamav.net/support/faq
> main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder:
> amishhammer)
> Downloading daily-23312.cdiff [100%]
> Downloading daily-23313.cdiff [100%]
> daily.cld updated (version: 23313, sigs: 2054633, f-level: 63, builder:
> neo)
> Can't query daily.23313.81.1.1.C2BA2F13.ping.clamav.net
> bytecode.cld is up to date (version: 292, sigs: 58, f-level: 63, builder:
> anvilleg)
> Database updated (6273481 signatures) from database.clamav.net (IP:
> 194.186.47.19)
> Clamd successfully notified about the update.
>
> Sincerely,
>
> Eric Tykwinski
> TrueNet, Inc.
> P: 610-429-8300
>
>
>
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>


More information about the clamav-users mailing list