-Original message-
From: Tomasz Kojm
Sent: Wed 08-02-2012 22:25
Subject:Re: [clamav-users] Cannot disable BC.Exploit.CVE_2011_3412 FP
To: ClamAV users ML ;
> On Wed, 8 Feb 2012 11:02:54 +1100 Bill Maidment wrote:
>
> > I have manually patched 0.97.3, re-compiled, re-inst
On Feb 8, 2012, at 10:09 AM, Joel Esler wrote:
> We're looking into a solution for this.
Oh, sure...when this issue was first noticed, anti-virus providers started
doing things like obfuscating or encrypting the malware signatures. However,
since malware generally also tries to conceal itself,
We're looking into a solution for this.
On Wed, Feb 8, 2012 at 10:51 AM, Chuck Swiger wrote:
> On Feb 8, 2012, at 7:25 AM, Yoshihara Takao wrote:
> > Hi all,
> >
> > Now I use Snort-2.9.2.1 and clamd-0.97.3-3 on the same OS, Scientific
> Linux
> > 6.1 (i686).
> > Since around a month ago, whenev
On Feb 8, 2012, at 7:25 AM, Yoshihara Takao wrote:
> Hi all,
>
> Now I use Snort-2.9.2.1 and clamd-0.97.3-3 on the same OS, Scientific Linux
> 6.1 (i686).
> Since around a month ago, whenever daily clamscan is finished, the same
> following False Positive has been detected and the files have bee
Hi all,
Now I use Snort-2.9.2.1 and clamd-0.97.3-3 on the same OS, Scientific Linux
6.1 (i686).
Since around a month ago, whenever daily clamscan is finished, the same
following False Positive has been detected and the files have been
mandatorily deleted:
/etc/snort/rules/web-client.rules: CVE_
On Wed, 8 Feb 2012 14:03:18 +0100 Ralf Hildebrandt
wrote:
> * Tomasz Kojm :
>> On Wed, 8 Feb 2012 11:02:54 +1100 Bill Maidment wrote:
>>
>>> I have manually patched 0.97.3, re-compiled, re-installed and restarted
>>> clamd, but the ign2 file is still being ignored.
>>>
>>> [root@stiles clamav]#
* Tomasz Kojm :
> On Wed, 8 Feb 2012 11:02:54 +1100 Bill Maidment wrote:
>
> > I have manually patched 0.97.3, re-compiled, re-installed and restarted
> > clamd, but the ign2 file is still being ignored.
> >
> > [root@stiles clamav]# cat /usr/local/share/clamav/local.ign2
> > BC.Exploit.CVE_20
Hi there,
On Wed, 8 Feb 2012, Dave Reynolds wrote:
As to why I would install ClamAV, it is an IA requirement that we
scan for viruses on remote file transfers that go thru this system
and there aren't too many options that will run under IRIX.
IA = "Inspection Authority"?
Does the IA know wh
On Wed, 8 Feb 2012 11:02:54 +1100 Bill Maidment wrote:
> I have manually patched 0.97.3, re-compiled, re-installed and restarted
> clamd, but the ign2 file is still being ignored.
>
> [root@stiles clamav]# cat /usr/local/share/clamav/local.ign2
> BC.Exploit.CVE_2011_3412
The entry is not comp