Thanks for the additional information.
I wonder if the issue encountered here, then, is that certain .zip files
fail to be extracted successfully. See:
https://bugzilla.clamav.net/show_bug.cgi?id=12235 for a reported instance
of this. More investigation will be needed to figure out why this is
h
Should have been file type as reported by the file command. Any usage of ClamAV
outside its design objectives is vulnerable to failure, but the method I pointed
out works, period. But if asked if I thought it was worth it I would say no, of
course not. The OP seems determined though. ClamAV is f
Yes. Debian packages are built with yara support.
Scott K
On February 6, 2019 5:22:48 PM UTC, Arnaud Jacques
wrote:
>Hello Andrew,
>
>I use clamav provided by debian 8.11 :
>dpkg -l|grep clam
>ii clamav 0.100.2+dfsg-0+deb8u1 amd64
>anti-virus utility for Unix - co
Hello Andrew,
I use clamav provided by debian 8.11 :
dpkg -l|grep clam
ii clamav 0.100.2+dfsg-0+deb8u1 amd64
anti-virus utility for Unix - command-line interface
ii clamav-base 0.100.2+dfsg-0+deb8u1 all
anti-virus utility for Unix - ba
Hey Arnaud,
I recently noticed a bug that causes .pwdb files to not be loaded from the
db directory when ClamAV is compiled without Yara support. Is your ClamAV
built with Yara support, and if not, can you try compiling with Yara
support and see whether this fixes the issue for you? This issue w
Hello,
It seems .pwdb files does not work since version 0.100.2 (may be since
0.100.0).
It has this format :
cat passwords.pwdb
ZipPasswordInfected;Engine:51-255;0;infected
This file is in ClamAV databases directory (/var/lib/clamav/) and ClamAV
does not detect malwares when Zip is protected