On 9/6/2011 6:43 AM, Joel Esler wrote: > On Sep 5, 2011, at 9:04 PM, Nathan Gibbs wrote: >> On 9/5/2011 7:21 PM, Joel Esler wrote: >>> I would love anything interesting regarding hacking a network instance of >>> ClamAV! >>> >>> >>> -- >>> Joel Esler >>> Sourcefire >>> OpenSource Community Manager: Snort, ClamAV, Daemonlogger, and Razorback >>> >>> >>> >>> ;) >>> >> LOL >> Joel, you already know what my ideas are. >> >> >> We will get there, but lets let some people smarter than me, you >> included, weigh in. > > Actually, I don't. Did I miss a thread? > > OK, I thought you had read what I put on the clamav-users list and / or the Clamav Bugzilla and were just messing with me. :-)
There is bug 2727 which I found in April. Although it seems to be a local issue, depending on the update system being used, it could be remotely triggered. Then there is the network access control issue. In July we released a simple tool called Clambake. A tool for enumerating, stress testing, and/or shutting down instances of the Clam Antivirus service on a network. http://www.cmpublishers.com/oss/#clambake Check out this thread to see more of my thoughts on this issue. Clamav-users thread "Clamd network access control" Started 7-22-2011 I am more interested in what others here think than about promoting our "super cool leet haxor tool". Seriously, its neither super, cool, leet , or haxor. Although it was fun to build and trash our Clamav infrastructure with.. :-) I'm not much of a security researcher or coder, but if I can find these issues, than there must be other issues that are far worse. What do those smarter than myself think? -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
