On Wed, 2005-12-21 at 14:41, David F. Skoll wrote: > [...] > > > But ClamAV is not likely to be exploited... AV software tends to be > > more secure than software in-the-main. > > *cough* I don't think so. > > Clam 0.87.1 fixed a security bug. > Clam 0.87 fixed a security bug. > Clam 0.86.2 fixed a security bug. > Clam 0.86.1 fixed a DoS bug. > Clam 0.86 fixed a DoS bug. > > I think you get the picture... > > (Btw, if I seem to be picking on Clam, I'm not. Most AV software is > horribly hairy, because it tries to deal with > zip/tar/gzip/bzip2/lha/zoo/arc/your_weird_format_here files. With all those > wacky uncompressors and file formats, bugs will inevitably creep in.)
Yes, odd you should mention this today - Symantec has exactly that problem: http://news.zdnet.com/2100-1009_22-6004097.html?tag=nl.e589 and the article mentions a couple of others. -- Les Mikesell [EMAIL PROTECTED] _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
