[clamav-users] Urgent: Php.Exploit.CVE_2015_2331-3 FP

Alain Zidouemba azidouemba at sourcefire.com
Thu Aug 27 06:25:02 EDT 2015


Thanks Mark.

- Alain

On Thu, Aug 27, 2015 at 6:24 AM, Mark Allan <markjallan at gmail.com> wrote:

> Hi Alain,
>
> I've just submitted a small selection of the files being tagged as
> infected.
>
> Regards
> Mark
>
> > On 27 Aug 2015, at 11:09 am, Alain Zidouemba <azidouemba at sourcefire.com>
> wrote:
> >
> > Al,
> >
> > I will be pulling the signature shortly. Could you please submit a few of
> > the file that are alerting here:
> http://www.clamav.net/report/report-fp.html
> > ?
> >
> > Thanks,
> >
> > - Alain
> >
> > On Wed, Aug 26, 2015 at 11:21 PM, Al Varnell <alvarnell at mac.com> wrote:
> >
> >> Two Mac users so far are reporting a flood of files identified as being
> >> infected with Php.Exploit.CVE_2015_2331.  Most of those files are
> >> components of OS X and it’s Unix subsystem.
> >>
> >> Although I have verified that the signature is present in the current
> >> database, I am unable to locate in the clamav-virusdb e-mails I have,
> so it
> >> must have been in daily 20840 which I did not receive this afternoon.
> >>
> >> I urge you to whitelist this at your earliest convenience before
> permanent
> >> damage is suffered by users who mistakenly quarantine or delete these
> files.
> >>
> >>
> >> -Al-
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>



More information about the clamav-users mailing list