Possibly a noob question but I'm a noob to this forum :)
I know that scanning with --detect-oua in the command line is going to throw a few false positives. However is there a place that common false positives can be either registered or looked up?
I've got an Ubuntu server with webmin installed for use by a developer. The clamscan below returns two false positives. The CVE is an IE exploit to do with the clipboard - possibly the code lets that happen, the other I dont know what the issue is - no real warning info.
When looking it up on Google I got no hits, Virustotal says no issues - so thus my question. If there was a central repository of PUAs by product etc it would make eliminating theme easier.
Ubuntu 14.10 LTs, Latest freshclam, Latest version of clam obtainable via apt-get, latest version of webmin.
me@somewhere:/home/me# sudo clamscan -r -i --detect-pua /usr/share/webmin/
/usr/share/webmin/ajaxterm/ajaxterm/ajaxterm.js: PUA.Http.Exploit.CVE_2015_1692 FOUND /usr/share/webmin/authentic-theme/unauthenticated/js/tinymce/plugins/preview/plugin.min.js: PUA.HTML.Infected.WebPage-1 FOUND
----------- SCAN SUMMARY ----------- Known viruses: 3945421 Engine version: 0.98.7 Scanned directories: 1514 Scanned files: 23280 Infected files: 2 Data scanned: 72.23 MB Data read: 42.24 MB (ratio 1.71:1) Time: 38.454 sec (0 m 38 s) _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
