[Clamav-users] 0.80rc bad format or broken data error - POSIX tar files

2004-09-29 Thread Steve Brown
Hi, I see that a similar reported problem was fixed (RFC2298 fixes) but I have a slightly different problem. After some debugging, I can see that clamav doesn't seem to be able to scan POSIX tar archives (returns "Bad format or broken data ERROR") while GNU tar archives are fine. I used 'file'

Re: [Clamav-users] 0.80rc bad format or broken data error - POSIX tar files

2004-09-29 Thread Steve Brown
I'll forward it. Thanks very much for the interest. -S -- Steve Brown Unix Systems Manager Accenture Data Centre, QinetiQ Farnborough FRN (802) 4416 +44 1252 394416

Re: [Clamav-users] ClamAV should not try to detect phishing and other social engineering attacks

2004-11-15 Thread Steve Brown
Julian Mehnle wrote: References: 1. http://julian.io.link-m.de/misc/rejected-messages Very nice. What did you use to create that? Steve ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

[Clamav-users] Re: RAR module failure

2005-02-02 Thread Steve Brown
Tomasz Kojm wrote: Yes, the internal unpacker for rar archives doesn't handle v3 rar archives. Try clamscan --unrar /path/to/unrar for this. Funnily enough I was just about to compose a message about this on the devel list but thought I'd better check here first. I'm getting probably the same viru

[Clamav-users] Re: problems with ScanMail and digests

2005-03-01 Thread Steve Brown
mdscan seem to scan in an infinite loop, certainly it's still scanning dodgy.eml after 40 minutes... -S -- Steve Brown Unix Systems Manager ___ http://lurker.clamav.net/list/clamav-users.html

[Clamav-users] Recent CVS - broken logging to /dev/stderr ?

2005-06-09 Thread Steve Brown
Hi list, Is it just me, or have the recent CVS changes around the logg() function broken logging to /dev/stderr? It would appear that maybe privileges are being dropped too quickly because with today's cvs I'm getting permission denied on /dev/stderr with perms = rw--- root.root. It was f

[Clamav-users] Re: Recent CVS - broken logging to /dev/stderr ?

2005-06-10 Thread Steve Brown
I said: with perms = rw--- root.root. It was fine (and still is) on cvs from Stephen Gran wrote: Yes, that is the problem. This does however fix the problem of clamav opening all its descriptors (including the logfile) as root, breaking permissions for anything else that needs to write t

[Clamav-users] Virus Name Sophos->Clam

2005-07-08 Thread Steve Brown
Guys, Can anyone offer a Clam virus name for the following Sophos names? Troj/Agent-BX Troj/Agent-T Troj/DDrop-A Troj/Dloader-KF Troj/Dloader-KZ Troj/Lecna-C Troj/Nethief-M Troj/Nethief-N Troj/Nethief-O Troj/Netter-A Troj/Riler-E Troj/Riler-F Troj/Riler-J Troj/RPE-A Troj/Sharp-A Troj/VBDrop-A WM

[Clamav-users] Virus not detected by -devel version; 0.86-1 ok

2005-07-21 Thread Steve Brown
I've noticed that today's (maybe also recent versions) development version of clam no longer detects W32/Mytob-BP (Sophos). I have several samples which are declared fine by ClamAV (devel-20050721/985/Thu Jul 21 13:14:39 2005), but correctly flagged as infected by both another server not quite as

[Clamav-users] Secunia 18379

2006-01-12 Thread Steve Brown
Hi guys, Can somebody confirm that the upx.c buffer overflow vulnerability referred to at http://secunia.com/advisories/18379 (2006-01-10) is the one that was fixed in CVS on Sept 16. Steve

[Clamav-users] Re: Secunia 18379

2006-01-12 Thread Steve Brown
Tomasz Kojm wrote: >>Can somebody confirm that the upx.c buffer overflow vulnerability >>referred to at http://secunia.com/advisories/18379 (2006-01-10) is the >>one that was fixed in CVS on Sept 16. > No, that's not that one. Ok, thanks for the prompt answer. Can you tell me if the Secunia vuln

[Clamav-users] Re: Secunia 18379

2006-01-12 Thread Steve Brown
Stephen Gran wrote: > No, sorry, it should be the CVS commit on Tue Jan 10 00:46:40 2006 - I > had Sept 16 selected for diffs and got stupid about which was which. Aha, got it! Thanks very much for your help. -S

[Clamav-users] clamd cannot allocate memory

2006-06-27 Thread Steve Brown
I'm running ClamAV 0.88.2 via daemontools and qscanq for use with qmail. I've been having an issue with clamd not being unable to allocate memory. From the logs (as an example): 2006-06-27 08:36:36.985532500 LibClamAV Error: cli_malloc(): Can't allocate memory (123 bytes). 2006-06-27 08:36:36.9

Re: [Clamav-users] clamd cannot allocate memory

2006-06-27 Thread Steve Brown
Have you tried running clamav without softlimit? No, but that doesn't seem like a long-term solution. I'll give it a whirl just to see what happens, but I don't want to leave a daemon running without limits forever.

Re: [Clamav-users] clamd cannot allocate memory

2006-06-27 Thread Steve Brown
Can you tie your problems up with particular mails from your logs ? I've found Clam is very greedy on big MIME mails, as it stores the entire mail in RAM whilst extracting the attachments. The last few that have triggered this condition seem to be caused by large files. I will get a log like:

Re: [Clamav-users] clamd cannot allocate memory

2006-06-29 Thread Steve Brown
At any rate, I'm running without a softlimit right now so we will see what happens. Other avenues to pursue would be helpful. Well, I've been running clamd for the last few days without softlimits and have had no problems with it choking. I've reviewed the logs and see several messages where t

Re: [Clamav-users] clamd cannot allocate memory

2006-06-30 Thread Steve Brown
Thanks for the tips all. I've implemented a max attachment size on qmail to try and block some of this ridiculous stuff. I always went through the entire config file and updated it with new options available in 0.88.2. That config file was probably the same one I was using when I started using