Hi, Not sure if this person is using an old version of ClamAV and I haven't attempted this, but he alleges he has found a way to bypass gzip'ed tarballs by modifying a specific byte within the headers. http://www.exploit-db.com/wp-content/themes/exploit/docs/31685.pdf Hope this is the correct place to report this.