date:20180117

Re: [clamav-users] Html.Exploit.CVE_2017_8747-6336227-0 false positives

2018-01-17 Thread Al Varnell

Some ClamXAV users reported this and since it's a Windows CVE it has been 
whitelisted for them.

Be sure and submit a sample or two to > and return here with hash values for the 
file(s).

-Al-

On Wed, Jan 17, 2018 at 09:49 AM, Orion Poplawski wrote:
> Html.Exploit.CVE_2017_8747-6336227-0 is triggering on the following content:
> 
> https://ow1.res.office365.com/owamail/20180105.04/scripts/owa.mail.js 
> 
> https://display.ugc.bazaarvoice.com/static/BonTon/BTN/93/6060_4_0/en_US/stylesheets/screen.css
>  
> 
> https://display.ugc.bazaarvoice.com/static/Lenovo/main_site/528/8923/en_US/stylesheets/screen.css
>  
> 
> 
> Orion Poplawski


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Unable to upload a false positive.

2018-01-17 Thread Thomas McCourt (tmccourt)

Hello Ramos,


Yes, we are aware of the issue on the site and are working to correct this for 
false positives, we are sorry for any inconvenience.


Thank you,


Tom M




On 1/17/18, 3:52 PM, "clamav-users on behalf of Ramos Alexiou" 
 
wrote:

>Hi,
>
>I have been trying to upload a false positive file on the clamav site for 
>several days now and it keeps asking for the file even if the file has been 
>selected. The upload doesn't take place either. I have attempted the upload 
>with Chrome 63.0.3239.132 and Firefox 57 on Linux (Xubuntu 16.04 x64).
>___
>clamav-users mailing list
>clamav-users@lists.clamav.net
>http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
>Help us build a comprehensive ClamAV guide:
>https://github.com/vrtadmin/clamav-faq
>
>http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Unable to upload a false positive.

2018-01-17 Thread Ramos Alexiou

I've tried both filling up the required info first and attaching the file last 
and attaching the file first and filling up the rest of the info afterwards. It 
doesn't work either way.

From: clamav-users  on behalf of Joel 
Esler (jesler) 
Sent: Wednesday, January 17, 2018 22:55
To: ClamAV users ML
Subject: Re: [clamav-users] Unable to upload a false positive.

We know about this issue and are currently working on fixing the issue.  Please 
bear with us.  It’s a specific corner case that some people are running into.

For instance, are you uploading the file before you file out the form?

Sent from my iPad

> On Jan 17, 2018, at 3:53 PM, Ramos Alexiou  wrote:
>
> Hi,
>
> I have been trying to upload a false positive file on the clamav site for 
> several days now and it keeps asking for the file even if the file has been 
> selected. The upload doesn't take place either. I have attempted the upload 
> with Chrome 63.0.3239.132 and Firefox 57 on Linux (Xubuntu 16.04 x64).
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Unable to upload a false positive.

2018-01-17 Thread Joel Esler (jesler)

We know about this issue and are currently working on fixing the issue.  Please 
bear with us.  It’s a specific corner case that some people are running into.

For instance, are you uploading the file before you file out the form?  

Sent from my iPad

> On Jan 17, 2018, at 3:53 PM, Ramos Alexiou  wrote:
> 
> Hi,
> 
> I have been trying to upload a false positive file on the clamav site for 
> several days now and it keeps asking for the file even if the file has been 
> selected. The upload doesn't take place either. I have attempted the upload 
> with Chrome 63.0.3239.132 and Firefox 57 on Linux (Xubuntu 16.04 x64).
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> 
> 
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Unable to upload a false positive.

2018-01-17 Thread Ramos Alexiou

Hi,

I have been trying to upload a false positive file on the clamav site for 
several days now and it keeps asking for the file even if the file has been 
selected. The upload doesn't take place either. I have attempted the upload 
with Chrome 63.0.3239.132 and Firefox 57 on Linux (Xubuntu 16.04 x64).
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Html.Exploit.CVE_2017_8747-6336227-0 false positives

2018-01-17 Thread Orion Poplawski

Html.Exploit.CVE_2017_8747-6336227-0 is triggering on the following content:

https://ow1.res.office365.com/owamail/20180105.04/scripts/owa.mail.js
https://display.ugc.bazaarvoice.com/static/BonTon/BTN/93/6060_4_0/en_US/stylesheets/screen.css
https://display.ugc.bazaarvoice.com/static/Lenovo/main_site/528/8923/en_US/stylesheets/screen.css


-- 
Orion Poplawski
Manager of NWRA Technical Systems  720-772-5637
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane   or...@nwra.com
Boulder, CO 80301 https://www.nwra.com/
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Matching variant patterns in logical or Yara signatures

2018-01-17 Thread Kris Deugau


G.W. Haywood wrote:

Hi there,

On Tue, 16 Jan 2018, Kris Deugau wrote:


I'm trying to create signatures to match a particular series of
large to very large spams whose main identifier is a

Re: [clamav-users] Html.Exploit.CVE_2017_8747-6336227-0 false positives

Re: [clamav-users] Unable to upload a false positive.

Re: [clamav-users] Unable to upload a false positive.

Re: [clamav-users] Unable to upload a false positive.

[clamav-users] Unable to upload a false positive.

[clamav-users] Html.Exploit.CVE_2017_8747-6336227-0 false positives

Re: [clamav-users] Matching variant patterns in logical or Yara signatures

7 matches

Site Navigation

Mail list logo

Footer information