[clamav-users] Urgent: Php.Exploit.CVE_2015_2331-3 FP
Mark Allan
markjallan at gmail.com
Thu Aug 27 10:24:02 UTC 2015
Hi Alain,
I've just submitted a small selection of the files being tagged as infected.
Regards
Mark
> On 27 Aug 2015, at 11:09 am, Alain Zidouemba <azidouemba at sourcefire.com> wrote:
>
> Al,
>
> I will be pulling the signature shortly. Could you please submit a few of
> the file that are alerting here: http://www.clamav.net/report/report-fp.html
> ?
>
> Thanks,
>
> - Alain
>
> On Wed, Aug 26, 2015 at 11:21 PM, Al Varnell <alvarnell at mac.com> wrote:
>
>> Two Mac users so far are reporting a flood of files identified as being
>> infected with Php.Exploit.CVE_2015_2331. Most of those files are
>> components of OS X and it’s Unix subsystem.
>>
>> Although I have verified that the signature is present in the current
>> database, I am unable to locate in the clamav-virusdb e-mails I have, so it
>> must have been in daily 20840 which I did not receive this afternoon.
>>
>> I urge you to whitelist this at your earliest convenience before permanent
>> damage is suffered by users who mistakenly quarantine or delete these files.
>>
>>
>> -Al-
More information about the clamav-users
mailing list