[Clamav-devel] Possible bypass via gz?

Matt Olney molney at sourcefire.com
Mon Feb 17 09:12:00 EST 2014

Thanks, Bradon.  We'll review this.

On Sun, Feb 16, 2014 at 7:29 PM, Brandon Perry <bperry.volatile at gmail.com>wrote:

> Hi,
> Not sure if this person is using an old version of ClamAV and I haven't
> attempted this, but he alleges he has found a way to bypass gzip'ed
> tarballs by modifying a specific byte within the headers.
> http://www.exploit-db.com/wp-content/themes/exploit/docs/31685.pdf
> Hope this is the correct place to report this.
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net

More information about the clamav-devel mailing list