[clamav-users] clamav-0.98.3 does not pass vulnerability scan
Matus UHLAR - fantomas
uhlar at fantomas.sk
Tue May 20 07:48:09 UTC 2014
>> The file 42.zip was sent 2 times. If there is an antivirus in your MTA, it might have crashed.
>> Please check its status right now, as it is not possible to do so remotely
>>
>> Vulnerability Detection Method
>> Details: SMTP antivirus scanner DoS (OID: 1.3.6.1.4.1.25623.1.0.11036)
On 20.05.14 11:22, anctop wrote:
>But we've verified that ClamAV milter was still running as before.
The milter only passes data from milter to clamd. You need to look if the
clamd crashed.
>When using ClamAV-0.98.1, the scan report reads :
>
>> smtp (25/tcp) / submission (587/tcp)
>> Log (CVSS: 7.2) NVT: SMTP antivirus scanner DoS (OID: 1.3.6.1.4.1.25623.1.0.11036)
>>
>> For some reason, we could not send the 42.zip file to this MTA
>>
>> Vulnerability Detection Method
>> Details: SMTP antivirus scanner DoS (OID: 1.3.6.1.4.1.25623.1.0.11036)
>
>Does it mean that ClamAV-0.98.3 is vulnerable to the said DoS attack ?
you can set up archive depth and similar limits in clamd.conf
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
He who laughs last thinks slowest.
More information about the clamav-users
mailing list