[clamav-users] Injection Vulnerability in 0.99.2
Reindl Harald
h.reindl at thelounge.net
Thu Sep 28 21:23:16 UTC 2017
Am 28.09.2017 um 23:02 schrieb Steven Morgan:
> The fact that using clamd over TCP has insecurities has come up before. If
> using clamd, it is recommended to use the local socket option rather than a
> TCP socket.
>
> # The daemon can work in local mode, network mode or both.
> # Due to security reasons we recommend the local mode.
>
> Until it is fixed, only use TCP sockets on externally secured networks
sorry, but that is hardly related to whatever bug and can be said for
any service in general
More information about the clamav-users
mailing list