[Clamav-devel] Possible bypass via gz?
Matt Olney
molney at sourcefire.com
Mon Feb 17 09:12:00 EST 2014
Thanks, Bradon. We'll review this.
On Sun, Feb 16, 2014 at 7:29 PM, Brandon Perry <bperry.volatile at gmail.com>wrote:
> Hi,
>
> Not sure if this person is using an old version of ClamAV and I haven't
> attempted this, but he alleges he has found a way to bypass gzip'ed
> tarballs by modifying a specific byte within the headers.
>
>
> http://www.exploit-db.com/wp-content/themes/exploit/docs/31685.pdf
>
> Hope this is the correct place to report this.
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
More information about the clamav-devel
mailing list