[clamav-users] clamav-0.98.3 does not pass vulnerability scan
Steve Basford
steveb_clamav at sanesecurity.com
Tue May 20 07:15:21 UTC 2014
On Tue, May 20, 2014 4:22 am, anctop wrote:
>> The file 42.zip was sent 2 times. If there is an antivirus in your MTA,
>> it might have crashed. Please check its status right now, as it is not
>> possible to do so remotely
Just for info...
Summary: This script sends the 42.zip recursive archive to the mail
server. If there is an antivirus filter, it may start eating huge amounts
of CPU or memory.
Source: http://openvas.komma-nix.de/index.php?oid=11036
VirusTotal Report 42.zip as....
Agnitum Trojan.ZipBomb.D 20140519
AntiVir Bomb/Libit.A 20140520
BitDefender Trojan.Script.ATU 20140520
ClamAV Trojan.ArcBomb-1 20140520
Commtouch ZIP/ArchiveBomb.A!Camelot 20140520
DrWeb Trojan.MailBomb.34902 20140520
F-Secure Trojan.Script.ATU 20140519
Fortinet W32/ArchBomb.B!tr 20140520
GData Trojan.Script.ATU 20140520
Kaspersky Trojan-ArcBomb.ZIP.Bubl.b 20140520
McAfee ZIP-Crash 20140520
McAfee-GW-Edition ZIP-Crash 20140519
MicroWorld-eScan Trojan.Script.ATU 20140520
Microsoft DoS:Win32/ZipBomb.A 20140520
NANO-Antivirus Trojan.Zip.Arch-Bomb.yngkq 20140520
TrendMicro TROJ_ZIPBOMB.B 20140520
TrendMicro-HouseCall TROJ_ZIPBOMB.B 20140520
VBA32 suspected of ZIP.MailBomb 20140519
Cheers,
Steve
Sanesecurity
More information about the clamav-users
mailing list