In case anyone missed it. Clamav needs an update. Note: if you put this in your freshclam.conf you will get an email from your server if it needs a major update: (only pick one, if you have 100 servers, you sure don't want 100 emails)
OnOutdatedExecute echo "Clamav needs update to version %v" \ | mail -s "`hostname` Clamav needs major update" [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jared Braverman Sent: Tuesday, August 08, 2006 6:26 AM To: [EMAIL PROTECTED] Subject: [SECNAP First-Alerts] ClamAV versions up to 0.88.3 DoS (NEW - Makesure to UPDATE to the latest version) ClamAV versions up to 0.88.3 DoS (NEW) Published: 2006-08-07, Last Updated: 2006-08-08 00:15:14 UTC by Jim Clausing (Version: 3(click to highlight changes)) A Secunia bulletin earlier today alerted us to a potential denial of service in the popular open-source anti-virus package ClamAV. The vulnerability is in the pefromupx() routine for unpacking a UPX packed PE executable. The advisory states that all versions up to, and including, 0.88.4 are vulnerable. The front page of http://www.clamav.net states that the latest stable version is 0.88.4, but the "stable" page only mentions 0.88.3 released last month. The sourceforge download page lists a clamav-0.88.4.tar.gz (and .sig), but at the time of this writing, actually clicking on the link results in a "file not found" error. So, it looks like they are scrambling to fix this one and the new version should be available shortly. Update: (2006-08-08 00:10) The tarball is available now as is a proof-of-concept. --------------------------- Jim Clausing, jclausing --at-- isc.sans.org -- Jared Braverman Security Engineer SECNAP Network Security 561-999-5000 ext. 4111 www.Secnap.com _______________________________________________ First-Alerts mailing list SECNAP First Alerts Editorial Staff: Michael Scheidell and Jason Lash. Please feel free to share this with interested parties via email but please do not post it to web sites or blogs. To unsubscribe from SECNAP First Alerts, visit web page at http://listserver.hackertrap.net/mailman/listinfo/first-alerts to unsubscribe or change options ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
