Hello,
I am running clamav-0.70 with mailscanner (rebuilt the Fedora RPMs on
RHEL3), and I have had for the first time something I have not had in a
very long time; Segmentation fault, :-( Bye..
I searched the logs, and this occurred as follows:
Tue May 4 16:08:13 2004 - Segmentation
Tomasz Kojm wrote:
Tue May 4 16:08:13 2004 - Segmentation fault :-( Bye..
and at precisely 16:08:13, MailScanner reports the following virus:
May 4 16:08:13 MailScanner[16448]:
/var/spool/MailScanner/incoming/16448/.i44K7gOj020343/%nTips.exe:
Worm.Klez.H FOUND
Is it possible that a %n in
No, it isn't obviously the scan that caused the segmentation fault.
That's a wholly unfounded assumption on your part.
This server processes between 30 and 100 thousand emails per day,
calling clamdscan on every one. It will find 2 to 5 hundred Klez
viruses per day. In your expert opinion,
Tomasz Kojm wrote:
On Wed, 05 May 2004 09:32:48 -0400
Chris Conn [EMAIL PROTECTED] wrote:
Hello,
This server processes between 30 and 100 thousand emails per day,
calling clamdscan on every one. It will find 2 to 5 hundred Klez
viruses per day. In your expert opinion, what would
this segmentation fault that occurred at the exact second it scanned
this Klez virus?
As a temporary work-around please disable the LogSyslog directive. The
format string problem is connected with the vsyslog() call in
shared/output.c and currently I have no (good) idea how to fix it.
Hello,
I like virii - it sounds important and like something
that can be on the ER equivalent for geeks...
Perhaps, but if you were to actually pluralize it using Latin rules, the
result would be 'viri.'
bla bla bla. While I appreciate the proper use of the English language,
would someone care to
Put /var/lib/clamav to owner clamav group clamav.
Salvatore Basso wrote:
Hi, in my /var/log/clamav/freashcleam.log:
freshclam daemon 0.75.1 (OS: linux-gnu, ARCH: i386, CPU: i686)
ClamAV update process started at Wed Sep 29 14:45:30 2004
ERROR: Can't open new file ./clamav-8afb9be871b84532 to
Hello,
Is it possible in clamav to disable a particular signature? I am using
0.80rc4 and since this morning (after downloading signature file version
534) I have been matching a ton of false positives on .jpg and .tif
files for the JPEG.Comment exploits.
If upgrading to 0.80 release is a
of signature version 535 being released, however it has
stopped.
So in any case, I don't know what caused this problem however the same
files were sent through using 0.80-stable and signatures 535 and all is
well.
Sincerely,
Chris Conn
___
http
Mario Alberto Cruz Gartner wrote:
Hi!
I was using 0.80 and getting excellents results with it.
Today i upgraded to 0.81 but when the clamdscan is called (from the
MailScanner program) it says:
WARNING: Ignoring option --unzip: please edit clamd.conf instead.
WARNING: Ignoring option --unarj:
Please contact the authors!
Feb 13 18:33:25 MailScanner[5160]: No files to extract
Feb 13 18:33:25 MailScanner[5160]: ProcessClamAVOutput: unrecognised
line No files to extract. Please contact the authors!
These are MailScanner errors, you should really post them to the
MailScanner list. The
On 2012-05-11 12:14, Cedric Knight wrote:
Hi
I'm seeing BC.Exploit.CVE_2012_0184 hit a wide variety of attachments as
of 14:40 UTC this afternoon. Will submit a sample the usual way, but
wanted to warn that it just seems to be quite extensive. (also
possibly BC.Exploit.CVE_2012_0165).
P900\Beyonce Knowles - Crazy In Love (2).wav: Exploit.W32.MS05-002 FOUND
p900\Evanescence - Bring Me To Life - Daredevil 2 (2).wav: Exploit.W32.MS05-002
FOUND
p900\robby-feel.wav: Exploit.W32.MS05-002 FOUND
Hello,
I don't suppose these files were submitted for analysis by the clamav
Sylvain Bouchet wrote:
Hi,
I want to install clamav on a server running RedHat Enterprise Linux 3
Red Hat Enterprise Linux ES release 3 (Taroon Update 4)
Kernel 2.4.21-20.0.1.EL on an i686
What version must I take ?
The doc tells about Fedora 1 or 2 at
I have RPMs and SRPMs for 0.83 available here : http://www.godshell.com/toaster
Enjoy.
Hello,
I am enjoying as we speak =)
Thank you,
Chris
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Hello,
Myself, as well as a collegue, have submitted 48 hours ago a file that
contains a virus; the Kaspersky anti-virus detects this file as being
infected with mytob-d.
According to sigtool --list-sigs, there is only the following MyTob
signatures:
Worm.Mytob.B
Worm.Mytob.A
Worm.Mytob.C
David Shows wrote:
What is the correct ClamAV rpm for Redhat Linux Enterprise 3, and where
can I find it?
The Dag repository will eventually have it, hopefully before there is any
active exploitation of the Clamav 0.87 flaws. I have come to depend (out of
laziness mostly) on that
Brian Morrison wrote:
On Tue, 08 Nov 2005 13:36:03 -0500 in [EMAIL PROTECTED] Chris
Conn [EMAIL PROTECTED] wrote:
Meanwhile I have rebuilt his .srpm with the newer source as a bit of a
crutch until the official dag release is made.
But that's exactly what Dag will do, there's no magic
update your defs, version 1245 gets it.
Payal Rathod wrote:
On Wed, Jan 18, 2006 at 07:04:27PM +0200, Cevher wrote:
You can create a temporary signature...
Please tell me how. I read signatures.pdf but ...
$ sigtools --md5 virus_file temp.hdb
What do I do after that? I use clamd, so do I
Hello,
If I can add to this discussion; since daily 23161 some RHEL5 systems
(pcre-6.6-9) are failing with that same error. A number of them have
down clamd at the moment.
Updating the PCRE manually doesn't seem like an option as it will break
dependancies for important packages, grep, php
(or CentOS5...) their clamd is now broken due to a package from
the base repository being older than what that particular signature
requires.
RHEL5 is not EOL for another 30 days :)
Chris
On 3/3/2017 3:33 PM, Leonardo Rodrigues wrote:
Em 03/03/17 17:31, Chris Conn escreveu:
Updating the PCRE
(the upcoming version) require pcre 7.
How does that sound?
--
Sent from my iPhone
On Mar 3, 2017, at 18:08, Chris Conn <cc...@abacom.com> wrote:
Hello,
I hope you don't mind my contact off-list, I don't want to make noise on it for
all. Apologies.
This new build, are we talking
nough
time to insist people upgrade.
Scott K
On Friday, March 03, 2017 11:21:30 PM Joel Esler wrote:
If we required pcre 7, it would allow us to publish this kind of sig in the
future of 99.3 and high versions by requiring a certain "flevel".
--
Sent from my iPhone
On Mar 3, 2017, at 1
Hello,
I hope you don't mind my contact off-list, I don't want to make noise on
it for all. Apologies.
This new build, are we talking about a daily.cvd (23162?) or a new build
of clam/pcre?
Thanks again in advance for your help,
Chris
On 3/3/2017 4:00 PM, Alain Zidouemba wrote:
We are
potAto, poTato...
I *did* write perl/pcre, didn't I? :-)
Oh well. At least I got you on the right track.
(Seem to remember a similar regexp notation which broke SA on EL5 a few
years ago)
BTW: Thanks for the pointer to the signature. Got lost in finding out
which it was.
Hello,
Yes
Hello,
I am trying to use the ClamdSocket tcp: and am successfully connecting
to port 3310 of a clamd daemon on remote hosts to scan using clamav-milter.
The hostname I configured points to a pool
ClamdSocket tcp:mypool.mydomain.com
this resolves to 4 IP addresses
I am surprised to see
Hello,
Is there anyone who knows how I can contact the EPEL clamav maintainer
for CentOS 8? Strangely there seems to be some missing systemd files
and the package dependancies do not work the same as in Centos7, so I
don't know if this is by design or some sort of bug. In any case, I
there
27 matches
Mail list logo
