[clamav-users] FP on OWASP Dependency Check as Java.Malware.Agent-6297845-0:73
Alain Zidouemba
azidouemba at sourcefire.com
Mon Oct 9 21:17:59 UTC 2017
Should be fixed in the next few DB updates.
-Alain
On Oct 9, 2017, at 2:48 PM, Shaw Terwilliger <
sterwilliger at patternhealthtech.com> wrote:
Java.Malware.Agent-6297845-0:73 matches a file that's part of the
OWASP Dependency Check tool, dependency-check-core-1.4.5.jar.
bbeddbad91868290103ed3990e8e0276:515130:Java.Malware.Agent-6297845-0:73
The official repository versions of the files can be found at:
https://repo.maven.apache.org/maven2/org/owasp/dependency-check-core/1.4.5
As far as I know there isn't any malware inside this JAR, and the
OWASP team hasn't published any vulnerabilities or retractions for
that release. Seems like a false positive match.
--
Shaw Terwilliger
Pattern Health Technologies
e sterwilliger at patternhealthtech.com
_______________________________________________
clamav-users mailing list
clamav-users at lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list