[clamav-users] signature for cve2017-11882
Jigar
ojigar at gmail.com
Tue Mar 30 03:52:33 UTC 2021
Hello,
I have uploaded the infected file in clamav malware report submission.
Kindly look into it. I have also herewith attached
signature generated using it.
With Regards
Jigar Raval
On Sun, Mar 28, 2021 at 1:26 PM G.W. Haywood via clamav-users
<clamav-users at lists.clamav.net> wrote:
>
> Hello again,
>
> On Sun, 28 Mar 2021, Jigar via clamav-users wrote:
> > On Sat, Mar 27, 2021 at 11:28 PM G.W. Haywood via clamav-users wrote:
> >>
> >> This is a rather old CVE, what databases do you use for your ClamAV
> >> installation? Perhaps what you have seen recently is a new threat
> >> which has been engineered to avoid some of the existing signatures.
> >
> > ...
> > We have also scannws using the latest clamav signature, porcupine,
> > etc. but could not detect it. ...
>
> Can you give full details? To tell us 'etc.' does not help.
>
> This is the address to use for reporting malware to the ClamAV team:
>
> https://www.clamav.net/reports/malware
>
> Did you use it? If so, you probably don't need to do more, but you
> may need to be patient. The signature team is small and busy.
>
> If you would place an encrypted archive of the malicious file(s)
> somewhere on the Web so that I can download it, I can take a look.
>
> --
>
> 73,
> Ged.
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
-------------- next part --------------
A non-text attachment was scrubbed...
Name: modified-sig26march2021.hdb
Type: application/octet-stream
Size: 216 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20210330/916bea82/attachment.obj>
More information about the clamav-users
mailing list