[clamav-users] pwdb files still supported ?

[Andrew Williams]

Hey Arnaud,

I recently noticed a bug that causes .pwdb files to not be loaded from the
db directory when ClamAV is compiled without Yara support.  Is your ClamAV
built with Yara support, and if not, can you try compiling with Yara
support and see whether this fixes the issue for you?  This issue will be
fixed in an upcoming release.

Thanks,

-Andrew
Research Engineer
Malware Research Team

On Wed, Feb 6, 2019 at 11:16 AM Arnaud Jacques <webmaster at securiteinfo.com>
wrote:

> Hello,
>
> It seems .pwdb files does not work since version 0.100.2 (may be since
> 0.100.0).
> It has this format :
>
> cat passwords.pwdb
> ZipPasswordInfected;Engine:51-255;0;infected
>
> This file is in ClamAV databases directory (/var/lib/clamav/) and ClamAV
> does not detect malwares when Zip is protected by the "infected"
> password. Manually unzipped, ClamAV is enable to detect the malware.
>
> Is the format of .pwdb files has changed since 0.100.x ?
> Is it still supported on recent ClamAV version ?
>
> --
> Cordialement / Best regards,
>
> Arnaud Jacques
> Gérant de SecuriteInfo.com
>
> Téléphone : +33-(0)3.44.39.76.46
> E-mail : aj at securiteinfo.com
> Site web : https://www.securiteinfo.com
> Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
> Twitter : @SecuriteInfoCom
>
> Securiteinfo.com
> La Sécurité Informatique - La Sécurité des Informations.
> 266, rue de Villers
> 60123 Bonneuil en Valois
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20190206/49ba0d7d/attachment.htm>