clamav-devel February 2014 archive
Main Archive Page > Month Archives  > clamav-devel archives
clamav-devel: Re: [Clamav-devel] Possible bypass via gz?

Re: [Clamav-devel] Possible bypass via gz?

From: Matt Olney <molney_at_nospam>
Date: Sun Feb 23 2014 - 00:08:46 GMT
To: ClamAV Development <clamav-devel@lists.clamav.net>

Nope. This isn't a vulnerability, just a false negative.

On Sat, Feb 22, 2014 at 4:46 PM, Brandon Perry <bperry.volatile@gmail.com>wrote:

> Hey guys,
>
> Is this going to need a CVE? I can forward the info onto oss-sec list
> and get a CVE assigned.
>
>
> On 02/17/2014 08:12 AM, Matt Olney wrote:
> > Thanks, Bradon. We'll review this.
> >
> >
> > On Sun, Feb 16, 2014 at 7:29 PM, Brandon Perry <
> bperry.volatile@gmail.com>wrote:
> >
> >> Hi,
> >>
> >> Not sure if this person is using an old version of ClamAV and I haven't
> >> attempted this, but he alleges he has found a way to bypass gzip'ed
> >> tarballs by modifying a specific byte within the headers.
> >>
> >>
> >> http://www.exploit-db.com/wp-content/themes/exploit/docs/31685.pdf
> >>
> >> Hope this is the correct place to report this.
> >> _______________________________________________
> >> http://lurker.clamav.net/list/clamav-devel.html
> >> Please submit your patches to our Bugzilla: http://bugs.clamav.net
> >>
> > _______________________________________________
> > http://lurker.clamav.net/list/clamav-devel.html
> > Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
> _______________________________________________
> http://lurker.clamav.net/list/clamav-devel.html
> Please submit your patches to our Bugzilla: http://bugs.clamav.net
>
_______________________________________________
http://lurker.clamav.net/list/clamav-devel.html
Please submit your patches to our Bugzilla: http://bugs.clamav.net