Running on SUSE sles 12 sp2 servers.
rpm -qa | grep clamav
clamav-0.100.3-33.21.1.x86_64
This is what i call the engine. The
actual version af clamav proccess active on my server.
I just want to know how to figure out
if this build has known vulnerabillities.
Like "can it be forced to crash
by inserting infection patterns" or "can it be forced to loop
in a scan cycle, so scan newer completes".
And
If there is known issues. How to fix
or mittigate.
---------------------------------------------------------------------------------------------------------------
Henrik Høg Thomsen
Senior IT Specialist - IBM - IPG
IBM Danmark ApS
Prøvensvej 1
2605 Brøndby
CVR nr.: 65305216
tlf +45 51638561 mail hht@dk.ibm.com
From:
Al Varnell via clamav-users
<clamav-users@lists.clamav.net>
To:
ClamAV users ML <clamav-users@lists.clamav.net>
Cc:
Al Varnell <alvarnell@mac.com>
Date:
2019/08/06 11:43
Subject:
[EXTERNAL] Re:
[clamav-users] Vulnerability Reporting?
Sent by:
"clamav-users"
<clamav-users-bounces@lists.clamav.net>
I'm also confused by what you mean by "firmware engine"
and "compliance"? ClamAV doesn't reside in firmware, so are you
referring to firmware vulnerabilities that impact ClamAV performance? If
there are any, I have not heard about them. Is there a particular platform
that you are referring to?
And with regard to compliance, is there some anti-malware
standard that I'm unaware of that needs to be complied with?
Sent from my iPad
-Al-
On Aug 6, 2019, at 02:08, Henrik Hoeg
Thomsen1 via clamav-users <clamav-users@lists.clamav.net>
wrote:
Does CLAMAV have a forum where Vulnerabillity
findings in the firmware engine can be tracked for Compliance. ? And where
fixes and recomendations can be found.[attachment "smime.p7s"
deleted by Henrik Hoeg Thomsen1/Denmark/IBM]
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
Medmindre andet er angivet ovenfor: / Unless Otherwise Stated Above:
IBM Danmark ApS
Prøvensvej 1
2605 Brøndby, Danmark
CVR nr.: 65305216