On Mon, 01 Mar 2004 at 21:04:55 -0500, Derrick 'dman' Hudson wrote: > > Is the zip file really encrypted, or is the password just an
Really. > "advisory" flag that an unzip tool is supposed to honor? If its the > latter, then clamav could just ignore the password to unpack and scan > the archive anyways. As yesterday Diego d'Ambra added a signature Worm.Bagle.F-zippwd for email messages with password protected variant of Worm.Bagle.F, ClamAV should detect such messages. I mean _messages_. Not zip files themselves. So please folks, stop submitting encrypted zip files (without a full message) to us as it's quite impossible to create a signature for them. -- Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only [EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros. [EMAIL PROTECTED] http://www.ClamAV.net/ A GPL virus scanner ------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
