clamscan - oversized zip, workaround?
Peter Bonivart
peter at UCGBOOK.COM
Wed Jan 14 23:07:00 GMT 2004
> Yes. Keep in mind that others proposed a value of 70. I do not really
> know what this value does. 50 fixed it for me so far but I cannot
give > a guarantee.. :-)
The value is simply the compression ratio allowed before it's considered
to be a Zip of Death which is a sort of denial of service attack.
The default value of 20 allows zip files compressed to 1/20th the size
of the original.
/Peter Bonivart
--Unix lovers do it in the Sun
Sun Fire V210, Solaris 9, Sendmail 8.12.10, MailScanner 4.25-14,
SpamAssassin 2.61 + DCC 1.2.21, ClamAV 0.65 + GMP
More information about the MailScanner
mailing list