[Clamav-devel] Possible bypass via gz?

Matt Olney molney at sourcefire.com
Mon Feb 17 09:12:00 EST 2014


Thanks, Bradon.  We'll review this.


On Sun, Feb 16, 2014 at 7:29 PM, Brandon Perry <bperry.volatile at gmail.com>wrote:

> Hi,
>
> Not sure if this person is using an old version of ClamAV and I haven't
> attempted this, but he alleges he has found a way to bypass gzip'ed
> tarballs by modifying a specific byte within the headers.
>
>
> http://www.exploit-db.com/wp-content/themes/exploit/docs/31685.pdf
>
> Hope this is the correct place to report this.
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>



More information about the clamav-devel mailing list