[clamav-users] Urgent: Php.Exploit.CVE_2015_2331-3 FP

Alain Zidouemba azidouemba at sourcefire.com
Thu Aug 27 06:09:48 EDT 2015


Al,

I will be pulling the signature shortly. Could you please submit a few of
the file that are alerting here: http://www.clamav.net/report/report-fp.html
?

Thanks,

- Alain

On Wed, Aug 26, 2015 at 11:21 PM, Al Varnell <alvarnell at mac.com> wrote:

> Two Mac users so far are reporting a flood of files identified as being
> infected with Php.Exploit.CVE_2015_2331.  Most of those files are
> components of OS X and it’s Unix subsystem.
>
> Although I have verified that the signature is present in the current
> database, I am unable to locate in the clamav-virusdb e-mails I have, so it
> must have been in daily 20840 which I did not receive this afternoon.
>
> I urge you to whitelist this at your earliest convenience before permanent
> damage is suffered by users who mistakenly quarantine or delete these files.
>
>
> -Al-
> --
> Al Varnell
> Mountain View, CA
>
>
>
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>



More information about the clamav-users mailing list