clamav-users May 2014 archive
Main Archive Page > Month Archives  > clamav-users archives
clamav-users: Re: [clamav-users] clamav-0.98.3 does not pass vul

Re: [clamav-users] clamav-0.98.3 does not pass vulnerability scan

From: Matus UHLAR - fantomas <uhlar_at_nospam>
Date: Tue May 20 2014 - 08:54:17 GMT
To: clamav-users@lists.clamav.net

On 20.05.14 16:22, anctop wrote:
>Both clamav-milter & clamd were still working after the "attack" by the scan.
>
>Our config files assume default values for recursive scanning.
>I'd like to know if the recursion depth is lowered, will clamd fail to
>detect those viruses deeply hidden in nested directories ?

Well, no idea. The scanning will finish with exit code indicating that it
was not able to scan the whole structure.

There used to be ArchiveBlockMax option that instructed clamav to report
infection (with pseudo virus name) but it was removed and I don't see the
replacement for it.

I also don't see how should clamav-milter behave here.

Maybe I should try to test scanning archive of 16 nested directories to see
the results...

-- Matus UHLAR - fantomas, uhlar_at_fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I intend to live forever - so far so good. _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml