[clamav-users] clamsubmit error

Joel Esler (jesler) jesler at cisco.com
Fri May 11 09:12:19 EDT 2018


Arnaud, 

Is that you sending us all those submissions?!  Fantastic amount!


> On May 9, 2018, at 10:07 AM, Arnaud Jacques <webmaster at securiteinfo.com> wrote:
> 
> Hello,
> 
>> clamsubmit with ClamAV 0.100.0 should work fine.  I am surprised to see that error. We fixed code in the near vicinity to that error statement shortly before the 0.100 release.
> 
> I got deeper today : I listened HTTP flow when I use
> clamsubmit version 0.100.0 :
> 
> GET /reports/malware HTTP/1.1
> Host: www.clamav.net
> Accept: */*
> 
> HTTP/1.1 301 Moved Permanently
> Date: Wed, 09 May 2018 13:56:37 GMT
> Transfer-Encoding: chunked
> Connection: keep-alive
> Cache-Control: max-age=3600
> Expires: Wed, 09 May 2018 14:56:37 GMT
> Location: https://www.clamav.net/reports/malware
> Server: cloudflare
> CF-RAY: 4184aba783bb68ba-CDG
> 
> 
> It seems clamsubmit use wrong (old) URL.
> How is it possible in v0.100.0 ?
> 
> Bonus : it sends malware or false positive using HTTP, non encrypted submission. So it could transfert sensitive information on the network in clear text using clamsubmit.
> 
> -- 
> Cordialement / Best regards,
> 
> Arnaud Jacques
> Gérant de SecuriteInfo.com
> 
> Téléphone : +33-(0)3.44.39.76.46
> E-mail : aj at securiteinfo.com
> Site web : https://www.securiteinfo.com
> Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
> Twitter : @SecuriteInfoCom
> 
> Securiteinfo.com
> La Sécurité Informatique - La Sécurité des Informations.
> 266, rue de Villers
> 60123 Bonneuil en Valois
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml



More information about the clamav-users mailing list