[clamav-users] daily sig 22066 and kaspersky site Html.Exploit.CVE_2016_3326-3

ancien compte kiborg75012 at gmail.com
Thu Aug 11 10:26:19 EDT 2016


good job
thx
On Thu, Aug 11, 2016 at 15:54, Alain Zidouemba <azidouemba at sourcefire.com>
wrote:

> The signature "Html.Exploit.CVE_2016_3326-3" has been removed and will be
> updated to take into account the false positives reported.
>
> Thanks,
>
> - Alain
>
> On Thu, Aug 11, 2016 at 6:36 AM, ancien compte <kiborg75012 at gmail.com>
> wrote:
>
> > and http://www.kaspersky.fr/internet-security etc .... is accessible now
> > :)
> >
> > 2016-08-11 12:35 UTC+02:00, ancien compte <kiborg75012 at gmail.com>:
> > > it works fine from freshclam update database
> > > my daughter thx you too :)
> > >
> > >
> > > Thu Aug 11 12:07:51 2016 -> Update process terminated
> > > Thu Aug 11 12:07:52 2016 -> --------------------------------------
> > > Thu Aug 11 12:07:52 2016 -> Current working dir is /var/lib/clamav
> > > Thu Aug 11 12:07:52 2016 -> freshclam daemon 0.99.2 (OS: linux-gnueabihf, ARCH: arm, CPU: arm)
> > > Thu Aug 11 12:07:52 2016 -> Max retries == 5
> > > Thu Aug 11 12:07:52 2016 -> ClamAV update process started at Thu Aug 11 12:07:52 2016
> > > Thu Aug 11 12:07:52 2016 -> Using IPv6 aware code
> > > Thu Aug 11 12:07:52 2016 -> Querying current.cvd.clamav.net
> > > Thu Aug 11 12:07:52 2016 -> TTL: 300
> > > Thu Aug 11 12:07:52 2016 -> Software version from DNS: 0.99.2
> > > Thu Aug 11 12:07:52 2016 -> Trying to download http://www.securiteinfo.com/get/signatures/XXXXXXXXXX0/securiteinfo.hdb (IP: 62.210.244.190)
> > > Thu Aug 11 12:09:22 2016 -> Downloading securiteinfo.hdb [*]
> > > Thu Aug 11 12:09:22 2016 -> Loading signatures from securiteinfo.hdb
> > > Thu Aug 11 12:09:30 2016 -> Properly loaded 2271876 signatures from new securiteinfo.hdb
> > > Thu Aug 11 12:09:33 2016 -> securiteinfo.hdb updated (version: custom database, sigs: 2271876)
> > > Thu Aug 11 12:09:33 2016 -> Trying to download http://www.securiteinfo.com/get/signatures/XXXXXXXXXX0/securiteinfo.ign2 (IP: 62.210.244.190)
> > > Thu Aug 11 12:09:33 2016 -> Downloading securiteinfo.ign2 [*]
> > > Thu Aug 11 12:09:33 2016 -> Loading signatures from securiteinfo.ign2
> > > Thu Aug 11 12:09:33 2016 -> Properly loaded 0 signatures from new securiteinfo.ign2
> > > Thu Aug 11 12:09:33 2016 -> securiteinfo.ign2 updated (version: custom database, sigs: 235)
> > > Thu Aug 11 12:09:33 2016 -> Trying to download http://www.securiteinfo.com/get/signatures/XXXXXXXXXX0/javascript.ndb (IP: 62.210.244.190)
> > > Thu Aug 11 12:09:38 2016 -> Downloading javascript.ndb [*]
> > > Thu Aug 11 12:09:38 2016 -> Loading signatures from javascript.ndb
> > > Thu Aug 11 12:09:53 2016 -> Properly loaded 24217 signatures from new javascript.ndb
> > > Thu Aug 11 12:09:53 2016 -> javascript.ndb updated (version: custom database, sigs: 24218)
> > > Thu Aug 11 12:09:53 2016 -> Trying to download http://www.securiteinfo.com/get/signatures/XXXXXXXXXX0/spam_marketing.ndb (IP: 62.210.244.190)
> > > Thu Aug 11 12:09:53 2016 -> Downloading spam_marketing.ndb [*]
> > > Thu Aug 11 12:09:53 2016 -> Loading signatures from spam_marketing.ndb
> > > Thu Aug 11 12:09:53 2016 -> Properly loaded 3584 signatures from new spam_marketing.ndb
> > > Thu Aug 11 12:09:53 2016 -> spam_marketing.ndb updated (version: custom database, sigs: 3584)
> > > Thu Aug 11 12:09:53 2016 -> Trying to download http://www.securiteinfo.com/get/signatures/XXXXXXXXXX0/securiteinfohtml.hdb (IP: 62.210.244.190)
> > > Thu Aug 11 12:09:55 2016 -> Downloading securiteinfohtml.hdb [*]
> > > Thu Aug 11 12:09:55 2016 -> Loading signatures from securiteinfohtml.hdb
> > > Thu Aug 11 12:09:55 2016 -> Properly loaded 58245 signatures from new securiteinfohtml.hdb
> > > Thu Aug 11 12:09:55 2016 -> securiteinfohtml.hdb updated (version: custom database, sigs: 58245)
> > > Thu Aug 11 12:09:55 2016 -> Trying to download http://www.securiteinfo.com/get/signatures/XXXXXXXXXX0/securiteinfoascii.hdb (IP: 62.210.244.190)
> > > Thu Aug 11 12:09:58 2016 -> Downloading securiteinfoascii.hdb [*]
> > > Thu Aug 11 12:09:58 2016 -> Loading signatures from securiteinfoascii.hdb
> > > Thu Aug 11 12:09:58 2016 -> Properly loaded 77057 signatures from new securiteinfoascii.hdb
> > > Thu Aug 11 12:09:59 2016 -> securiteinfoascii.hdb updated (version: custom database, sigs: 77057)
> > > Thu Aug 11 12:09:59 2016 -> Trying to download http://www.securiteinfo.com/get/signatures/XXXXXXXXXX0/securiteinfoandroid.hdb (IP: 62.210.244.190)
> > > Thu Aug 11 12:10:02 2016 -> Downloading securiteinfoandroid.hdb [*]
> > > Thu Aug 11 12:10:02 2016 -> Loading signatures from securiteinfoandroid.hdb
> > > Thu Aug 11 12:10:02 2016 -> Properly loaded 81713 signatures from new securiteinfoandroid.hdb
> > > Thu Aug 11 12:10:02 2016 -> securiteinfoandroid.hdb updated (version: custom database, sigs: 81713)
> > > Thu Aug 11 12:10:02 2016 -> main.cvd version from DNS: 57
> > > Thu Aug 11 12:10:02 2016 -> main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
> > > Thu Aug 11 12:10:02 2016 -> daily.cvd version from DNS: 22066
> > > Thu Aug 11 12:10:02 2016 -> daily.cld is up to date (version: 22066, sigs: 500202, f-level: 63, builder: neo)
> > > Thu Aug 11 12:10:02 2016 -> safebrowsing.cvd version from DNS: 44910
> > > Thu Aug 11 12:10:02 2016 -> safebrowsing.cvd is up to date (version: 44910, sigs: 2930264, f-level: 63, builder: google)
> > > Thu Aug 11 12:10:02 2016 -> bytecode.cvd version from DNS: 283
> > > Thu Aug 11 12:10:02 2016 -> bytecode.cvd is up to date (version: 283, sigs: 53, f-level: 63, builder: neo)
> > > Thu Aug 11 12:10:16 2016 -> Database updated (10166237 signatures) from db.local.clamav.net
> > > Thu Aug 11 12:10:16 2016 -> Clamd successfully notified about the update.
> > > Thu Aug 11 12:10:16 2016 -> --------------------------------------
> > >
> > >
> > > Thu Aug 11 12:11:28 2016 -> Reading databases from /var/lib/clamav
> > >
> > >
> > > Thu Aug 11 12:23:44 2016 -> Received 0 file descriptor(s) from systemd.
> > > Thu Aug 11 12:23:44 2016 -> clamd daemon 0.99.2 (OS: linux-gnueabihf, ARCH: arm, CPU: armv7l)
> > > Thu Aug 11 12:23:44 2016 -> Running as user proxy (UID 13, GID 13)
> > > Thu Aug 11 12:23:44 2016 -> Log file size limited to -1 bytes.
> > > Thu Aug 11 12:23:44 2016 -> Reading databases from /var/lib/clamav
> > > Thu Aug 11 12:23:44 2016 -> Not loading PUA signatures.
> > > Thu Aug 11 12:23:44 2016 -> Bytecode: Security mode set to "TrustSigned".
> > > Thu Aug 11 12:24:48 2016 -> Loaded 10160559 signatures.
> > > Thu Aug 11 12:25:37 2016 -> LOCAL: Removing stale socket file /var/run/clamav/clamd.ctl
> > > Thu Aug 11 12:25:37 2016 -> LOCAL: Unix socket file /var/run/clamav/clamd.ctl
> > > Thu Aug 11 12:25:37 2016 -> LOCAL: Setting connection queue length to 15
> > > Thu Aug 11 12:25:37 2016 -> Limits: Global size limit set to 104857600 bytes.
> > > Thu Aug 11 12:25:37 2016 -> Limits: File size limit set to 26214400 bytes.
> > > Thu Aug 11 12:25:37 2016 -> Limits: Recursion level limit set to 16.
> > > Thu Aug 11 12:25:37 2016 -> Limits: Files limit set to 10000.
> > > Thu Aug 11 12:25:37 2016 -> Limits: MaxEmbeddedPE limit set to 10485760 bytes.
> > > Thu Aug 11 12:25:37 2016 -> Limits: MaxHTMLNormalize limit set to 10485760 bytes.
> > > Thu Aug 11 12:25:37 2016 -> Limits: MaxHTMLNoTags limit set to 2097152 bytes.
> > > Thu Aug 11 12:25:37 2016 -> Limits: MaxScriptNormalize limit set to 5242880 bytes.
> > > Thu Aug 11 12:25:37 2016 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
> > > Thu Aug 11 12:25:37 2016 -> Limits: MaxPartitions limit set to 50.
> > > Thu Aug 11 12:25:37 2016 -> Limits: MaxIconsPE limit set to 100.
> > > Thu Aug 11 12:25:37 2016 -> Limits: MaxRecHWP3 limit set to 16.
> > > Thu Aug 11 12:25:37 2016 -> Limits: PCREMatchLimit limit set to 10000.
> > > Thu Aug 11 12:25:37 2016 -> Limits: PCRERecMatchLimit limit set to 5000.
> > > Thu Aug 11 12:25:37 2016 -> Limits: PCREMaxFileSize limit set to 25.
> > > Thu Aug 11 12:25:37 2016 -> Archive support enabled.
> > > Thu Aug 11 12:25:37 2016 -> Algorithmic detection enabled.
> > > Thu Aug 11 12:25:37 2016 -> Portable Executable support enabled.
> > > Thu Aug 11 12:25:37 2016 -> ELF support enabled.
> > > Thu Aug 11 12:25:37 2016 -> Mail files support enabled.
> > > Thu Aug 11 12:25:37 2016 -> OLE2 support enabled.
> > > Thu Aug 11 12:25:37 2016 -> PDF support enabled.
> > > Thu Aug 11 12:25:37 2016 -> SWF support enabled.
> > > Thu Aug 11 12:25:37 2016 -> HTML support enabled.
> > > Thu Aug 11 12:25:37 2016 -> XMLDOCS support enabled.
> > > Thu Aug 11 12:25:37 2016 -> HWP3 support enabled.
> > > Thu Aug 11 12:25:37 2016 -> Self checking every 3600 seconds.
> > >
> > >
> > > 2016-08-11 11:14 UTC+02:00, Steve Basford <steveb_clamav at sanesecurity.com>:
> > >>
> > >> On Thu, August 11, 2016 10:07 am, ancien compte wrote:
> > >>> Also, the mirror clamav.securiteinfo.com does not work, can't resolve it
> > >>>
> > >> That's an old 3rd party signature domain... it's been gone a while..
> > >>
> > >> Latest download scripts here:
> > >>
> > >> http://sanesecurity.com/usage/linux-scripts/
> > >>
> > >> Cheers,
> > >>
> > >> Steve
> > >> Web : sanesecurity.com
> > >> Twitter: @sanesecurity
> > >>
> > >> _______________________________________________
> > >> Help us build a comprehensive ClamAV guide:
> > >> https://github.com/vrtadmin/clamav-faq
> > >>
> > >> http://www.clamav.net/contact.html#ml
> > >>
> > >


