[clamav-users] Is there a PUA warnings Database for ClamScan - Looking up PUA for Webmin

shane at virusbusters.co.nz shane at virusbusters.co.nz
Tue Aug 11 23:52:10 EDT 2015


Possibly a noob question but I'm a noob to this forum :)

I know that scanning with --detect-oua in the command line is going to 
throw a few false positives. However is there a place that common false 
positives can be either registered or looked up?

I've got an Ubuntu server with webmin installed for use by a developer. 
The clamscan below returns two false positives. The CVE is an IE exploit 
to do with the clipboard - possibly the code lets that happen, the other 
I dont know what the issue is - no real warning info.

When looking it up on Google I got no hits, Virustotal says no issues - 
so thus my question. If there was a central repository of PUAs by 
product etc it would make eliminating theme easier.

Ubuntu 14.10 LTs, Latest freshclam, Latest version of clam obtainable 
via apt-get, latest version of webmin.

me at somewhere:/home/me# sudo clamscan -r -i --detect-pua 
/usr/share/webmin/

/usr/share/webmin/ajaxterm/ajaxterm/ajaxterm.js: 
PUA.Http.Exploit.CVE_2015_1692 FOUND
/usr/share/webmin/authentic-theme/unauthenticated/js/tinymce/plugins/preview/plugin.min.js: 
PUA.HTML.Infected.WebPage-1 FOUND

----------- SCAN SUMMARY -----------
Known viruses: 3945421
Engine version: 0.98.7
Scanned directories: 1514
Scanned files: 23280
Infected files: 2
Data scanned: 72.23 MB
Data read: 42.24 MB (ratio 1.71:1)
Time: 38.454 sec (0 m 38 s)






More information about the clamav-users mailing list