Hi All,
I am running ClamAV 0.91.2 release on RedHat Enterprise Linux 5 release
(64 bit version). I scanned a pdf and it gives clamav a denial of
service. can someone help me giving me a fix to this.
I am giving the output of clamscan that i ran on the pdf at the end of
this email. important things are marked in bold
Regards
K.Deepak
*LibClamAV debug: Initializing the engine (0.91.2)*
LibClamAV debug: Initializing phishcheck module
LibClamAV debug: Phishcheck: Compiling regex:
^(0[xX][0-9a-fA-F]+|[0-9]+)(\.(0[xX][0-9a-fA-F]+|[0-9]+)){0,3}$
LibClamAV debug: Phishcheck: Compiling regex:
^(a[dfilmoqrtuwxz]|b[bdeghijmorstwyz]|c[ahlmnosuy]|d[ejkmz]|e[cegrstu]|f[ijr]|g[abdeghilmnprtuwy]|h[nrtu]|i[delnqst]|j[emop]|k[eghimwz]|l[birstuv]|m[acglmnoqrstuvwxyz]|n[aegilopru]|om|p[aehkltwy]|qa|r[ow]|s[cdeginorz]|t[dghjklmnorvwz]|u[agyz]|v[enu]|ws|y[etu])$
LibClamAV debug: Phishcheck: Compiling regex:
^(A[CDEFGILMNOQRSTUWXZ]|B[ABDEFGHIJMNORSTVWYZ]|C[ACDFGHIKLMNORUVXYZ]|D[EJKMOZ]|E[CEGRSTU]|F[IJKMOR]|G[ABDEFGHILMNPQRSTUWY]|H[KMNRTU]|I[DELMNOQRST]|J[EMOP]|K[EGHIMNRWYZ]|L[ABCIKRSTUVY]|M[ACDGHKLMNOPQRSTUVWXYZ]|N[ACEFGILOPRUZ]|OM|P[AEFGHKLMNRSTWY]|QA|R[EOUW]|S[ABCDEGHIJKLMNORTUVYZ]|T[CDFGHJKLMNOPRTVWZ]|U[AGKMSYZ]|V[ACEGINU]|W[FS]|Y[ETU]|Z[AMW]|BIZ|CAT|COM|EDU|GOV|INT|MIL|NET|ORG|PRO|AERO|ARPA|COOP|INFO|JOBS|MOBI|NAME|MUSEUM)$
LibClamAV debug: Phishcheck: Compiling regex: ^
*(([a-zA-Z]([-$_@a-zA-Z0-9!*'(),]|%[0-9a-fA-f]{2})*:(//)?)?(([-$_@a-zA-Z0-9!*'(),]|%[0-9a-fA-f]{2})|\+)+\.((([-$_@a-zA-Z0-9!*'(),]|%[0-9a-fA-f]{2})|\+)+\.)*(A[CDEFGILMNOQRSTUWXZ]|B[ABDEFGHIJMNORSTVWYZ]|C[ACDFGHIKLMNORUVXYZ]|D[EJKMOZ]|E[CEGRSTU]|F[IJKMOR]|G[ABDEFGHILMNPQRSTUWY]|H[KMNRTU]|I[DELMNOQRST]|J[EMOP]|K[EGHIMNRWYZ]|L[ABCIKRSTUVY]|M[ACDGHKLMNOPQRSTUVWXYZ]|N[ACEFGILOPRUZ]|OM|P[AEFGHKLMNRSTWY]|QA|R[EOUW]|S[ABCDEGHIJKLMNORTUVYZ]|T[CDFGHJK
LMNOPRTVWZ]|U[AGKMSYZ]|V[ACEGINU]|W[FS]|Y[ETU]|Z[AMW]|BIZ|CAT|COM|EDU|GOV|INT|MIL|NET|ORG|PRO|AERO|ARPA|COOP|INFO|JOBS|MOBI|NAME|MUSEUM)(/(([EMAIL
PROTECTED]a-zA-Z0-9!*'(),]|%[0-9a-fA-f]{2})|\+|=)*)*(\?(([EMAIL
PROTECTED]a-zA-Z0-9!*'(),]|%[0-9a-fA-f]{2})+)*)?(#([EMAIL
PROTECTED]a-zA-Z0-9!*'(),]|%[0-9a-fA-f]{2})+)?|(http|https|ftp)://.+)
*$
LibClamAV debug: Phishcheck: Compiling regex: ^
*([a-zA-Z]([-$_@a-zA-Z0-9!*'(),]|%[0-9a-fA-f]{2})*:(//)?)?[0-9]{1,3}(\.[0-9]{1,3}){3}(:(([-$_@a-zA-Z0-9!*'(),]|%[0-9a-fA-f]{2})|\+)+)?(/((([EMAIL
PROTECTED]a-zA-Z0-9!*'(),]|%[0-9a-fA-f]{2})|\+)+/?)*)?(\?(([EMAIL
PROTECTED]a-zA-Z0-9!*'(),]|%[0-9a-fA-f]{2})+)*)?(#([EMAIL
PROTECTED]a-zA-Z0-9!*'(),]|%[0-9a-fA-f]{2})+)?
*$
LibClamAV debug: Phishcheck module initialized
LibClamAV debug: cli_loaddbdir: Acquiring dbdir lock
LibClamAV debug: Loading databases from /var/lib/clamav
LibClamAV debug: Initializing engine-root[0]
LibClamAV debug: Initialising AC pattern matcher of root[0]
LibClamAV debug: cli_initroots: Initializing BM tables of root[0]
LibClamAV debug: in cli_bm_init()
LibClamAV debug: BM: Number of indexes = 63744
LibClamAV debug: Initializing engine-root[1]
LibClamAV debug: Initialising AC pattern matcher of root[1]
LibClamAV debug: cli_initroots: Initializing BM tables of root[1]
LibClamAV debug: in cli_bm_init()
LibClamAV debug: BM: Number of indexes = 63744
LibClamAV debug: Initializing engine-root[2]
LibClamAV debug: Initialising AC pattern matcher of root[2]
LibClamAV debug: cli_initroots: Initializing BM tables of root[2]
LibClamAV debug: in cli_bm_init()
LibClamAV debug: BM: Number of indexes = 63744
LibClamAV debug: Initializing engine-root[3]
LibClamAV debug: Initialising AC pattern matcher of root[3]
LibClamAV debug: cli_initroots: Initializing BM tables of root[3]
LibClamAV debug: in cli_bm_init()
LibClamAV debug: BM: Number of indexes = 63744
LibClamAV debug: /var/lib/clamav/phish.ndb loaded
LibClamAV debug: in cli_cvdload()
LibClamAV debug: MD5(.tar.gz) = f58ebea492c9bd38d4921f6c60b480cb
LibClamAV debug: cli_versig: Decoded signature:
f58ebea492c9bd38d4921f6c60b480cb
LibClamAV debug: cli_versig: Digital signature is correct.
LibClamAV debug: in cli_untgz()
LibClamAV debug: Unpacking
/tmp/clamav-462851ba33b53ab50d257fe9274b4048/COPYING
LibClamAV debug: Unpacking
/tmp/clamav-462851ba33b53ab50d257fe9274b4048/main.db
LibClamAV debug: Unpacking
/tmp/clamav-462851ba33b53ab50d257fe9274b4048/main.hdb
LibClamAV debug: Unpacking
/tmp/clamav-462851ba33b53ab50d257fe9274b4048/main.ndb
LibClamAV debug: Unpacking
/tmp/clamav-462851ba33b53ab50d257fe9274b4048/main.zmd
LibClamAV debug: Unpacking
/tmp/clamav-462851ba33b53ab50d257fe9274b4048/main.fp
LibClamAV debug: Unpacking
/tmp/clamav-462851ba33b53ab50d257fe9274b4048/main.mdb
LibClamAV debug: Unpacking
/tmp/clamav-462851ba33b53ab50d257fe9274b4048/main.info
LibClamAV debug: cli_loaddbdir: Acquiring dbdir lock
LibClamAV debug: Loading databases from
/tmp/clamav-462851ba33b53ab50d257fe9274b4048
LibClamAV debug: /tmp/clamav-462851ba33b53ab50d257fe9274b4048/main.ndb
loaded
LibClamAV debug: /tmp/clamav-462851ba33b53ab50d257fe9274b4048/main.db loaded
LibClamAV debug: