[clamav-users] signature for cve2017-11882
G.W. Haywood
clamav at jubileegroup.co.uk
Sun Mar 28 07:55:34 UTC 2021
Hello again,
On Sun, 28 Mar 2021, Jigar via clamav-users wrote:
> On Sat, Mar 27, 2021 at 11:28 PM G.W. Haywood via clamav-users wrote:
>>
>> This is a rather old CVE, what databases do you use for your ClamAV
>> installation? Perhaps what you have seen recently is a new threat
>> which has been engineered to avoid some of the existing signatures.
>
> ...
> We have also scannws using the latest clamav signature, porcupine,
> etc. but could not detect it. ...
Can you give full details? To tell us 'etc.' does not help.
This is the address to use for reporting malware to the ClamAV team:
https://www.clamav.net/reports/malware
Did you use it? If so, you probably don't need to do more, but you
may need to be patient. The signature team is small and busy.
If you would place an encrypted archive of the malicious file(s)
somewhere on the Web so that I can download it, I can take a look.
--
73,
Ged.
More information about the clamav-users
mailing list