The file 42.zip was sent 2 times. If there is an antivirus in your MTA, it
might have crashed.
Please check its status right now, as it is not possible to do so remotely
Vulnerability Detection Method
Details: SMTP antivirus scanner DoS (OID: 1.3.6.1.4.1.25623.1.0.11036)
On 20.05.14 11:22, anctop wrote:
But we've verified that ClamAV milter was still running as before.
The milter only passes data from milter to clamd. You need to look if the
clamd crashed.
When using ClamAV-0.98.1, the scan report reads :
smtp (25/tcp) / submission (587/tcp)
Log (CVSS: 7.2) NVT: SMTP antivirus scanner DoS (OID:
1.3.6.1.4.1.25623.1.0.11036)
For some reason, we could not send the 42.zip file to this MTA
Vulnerability Detection Method
Details: SMTP antivirus scanner DoS (OID: 1.3.6.1.4.1.25623.1.0.11036)
Does it mean that ClamAV-0.98.3 is vulnerable to the said DoS attack ?
you can set up archive depth and similar limits in clamd.conf
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
He who laughs last thinks slowest.
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml
