[clamav-users] Am I allowed to use yara rules?

Mon, 02 Sep 2019 13:03:09 -0700 

Hello,
today I got informed that I should not use the yara rules. They have major issues with clamav 1.0.1, ie memory leaks and complete failure of clamav. 


ls -al /var/lib/clamav/*.yar*

-rw-r--r-- 1 clamav clamav   465 Sep  2 17:50 
/var/lib/clamav/CVE-2010-0805.yar
-rw-r--r-- 1 clamav clamav   823 Sep  2 17:50 
/var/lib/clamav/CVE-2010-0887.yar
-rw-r--r-- 1 clamav clamav   442 Sep  2 17:50 
/var/lib/clamav/CVE-2010-1297.yar
-rw-r--r-- 1 clamav clamav   341 Sep  2 17:50 
/var/lib/clamav/CVE-2013-0074.yar
-rw-r--r-- 1 clamav clamav   903 Sep  2 17:50 
/var/lib/clamav/CVE-2013-0422.yar
-rw-r--r-- 1 clamav clamav   775 Sep  2 17:50 
/var/lib/clamav/CVE-2015-5119.yar
-rw-r--r-- 1 clamav clamav 10889 Aug 12 19:55 
/var/lib/clamav/EK_Angler.yar
-rw-r--r-- 1 clamav clamav 14659 Aug 12 19:55 
/var/lib/clamav/EK_Blackhole.yar
-rw-r--r-- 1 clamav clamav  3401 Aug 12 19:55 
/var/lib/clamav/EK_BleedingLife.yar
-rw-r--r-- 1 clamav clamav  1349 Aug 12 19:55 
/var/lib/clamav/EK_Crimepack.yar
-rw-r--r-- 1 clamav clamav  4688 Aug 12 19:55 
/var/lib/clamav/EK_Eleonore.yar
-rw-r--r-- 1 clamav clamav  8268 Aug 12 19:55 
/var/lib/clamav/EK_Fragus.yar
-rw-r--r-- 1 clamav clamav 16842 Aug 12 19:55 
/var/lib/clamav/EK_Phoenix.yar
-rw-r--r-- 1 clamav clamav  1860 Aug 12 19:55 
/var/lib/clamav/EK_Sakura.yar
-rw-r--r-- 1 clamav clamav  8488 Aug 12 19:55 
/var/lib/clamav/EK_ZeroAcces.yar
-rw-r--r-- 1 clamav clamav  1435 Aug 12 19:55 
/var/lib/clamav/EK_Zerox88.yar
-rw-r--r-- 1 clamav clamav   800 Aug 12 19:55 
/var/lib/clamav/EK_Zeus.yar
-rw-r--r-- 1 clamav clamav  1462 Jul  1  2015 
/var/lib/clamav/Sanesecurity_sigtest.yara
-rw-r--r-- 1 clamav clamav  1233 Feb 22  2016 
/var/lib/clamav/Sanesecurity_spam.yara




My question is where I can download a bunch of infected e-mails of all 
types to test clamav and see if it really crashes.



_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml






















					Reply via email to