Found your message. Thanks Al! (and sorry for my forgotten subject ... :-( )
Steffen > I sent a note out on this yesterday with reference to most Mac OS X users > who have /usr/php/install-pear-nozlib.phar on their hard drives, having > already submitted the file as an FP. Since then there have been a couple of > other Unix users report similar results and a promise to get back to us, but > nothing yet. > > Check the list archive for details. > > Whether it's of any consequence or not depends on what version of PHP you > have. The CVE was reported back in January and concerned PHP 5.3.8 which > was apparently patched with PHP 5.4.0, but that's all I can seem to find > out. > > > -Al- > > -- > Al Varnell > Mountain View, CA > > On 10/17/12 12:11 AM, "Steffen Ewert" wrote: > > > Hi, > > > > with the newest DB (updated 4hours ago) I get the following virus detection: > > > > /share/c-on/download/Netzwerk/WebTools/DokuWiki/dokuwiki-2011-05-25a.tgz: > > PHP.Exploit.CVE_2011_4153-2 FOUND > > /share/c-on/download/Netzwerk/WebTools/DokuWiki/dokuwiki-2009-12-25c.tgz: > > PHP.Exploit.CVE_2011_4153-2 FOUND > > > > I assume this must be a wrong detection because both files wasn't changed > > since I had downloaded it (my backup application calc's every night a > > checksum > > of each file and only if the checksum differs the file will be backup again > > and the last time of the backup of both files was the day I have downloaded > > and stored the files). > > > > May be there are also other DokuWiki tgz files with this virus detection. I > > have only stored this both dokuwiki tgz files on my disk. > > > > Any other there which can confirm this (hopefully) wrong virus detection > > with > > the newest DB? > > > _______________________________________________ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://www.clamav.net/support/ml > _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
