On Sun, 17 Oct 2004 21:36:22 -0500 (CDT) Damian Menscher <[EMAIL PROTECTED]> wrote:
> For those running 0.80rc4 or 0.80 final, you can catch all jpeg > exploits with the following signature (add it to a local.ndb file in > your database directory): > > Exploit.JPEG.Comment.FalsePos:5:0:ffd8ff Temporarily you can use (to catch Roxe): Exploit.JPEG.Comment.5:5:0:ffd8ffe0(00|01):3 but it may produce false positive alerts as well. -- oo ..... Tomasz Kojm <[EMAIL PROTECTED]> (\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg \..........._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Mon Oct 18 04:48:20 CEST 2004
pgpAvzwT5DBxu.pgp
Description: PGP signature
_______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users