clamav output bug(s)

David Jacobson davidj at synaq.com
Mon Nov 1 07:56:08 GMT 2004 

Hi All,

While debugging my setup I found two random files lying around in my
directory to send through to me... (quite ironically) both random files
produced clamav output errors:

d476a0e8cac2d1f7e6e6f70cb451cb39  lrk4.shad.tar.gz
0e5efa08578bccffeda7577b24ee28dc  ssh_2.5.2p2-1_i386.deb

You can find a copy of these files at www.leet.org/debug

Please be careful as lrk4 is an old rootkit.

Attached please find the clamav output error (clamav_output.log)

Maybe this could be squeezed in before the latest stable is released!

Running on
Linux securemx1.synaq.com 2.6.8-1.521custom #1 SMP Thu Sep 30 15:42:46
SAST 2004 i686 i686 i386 GNU/Linux
This is Fedora Core release 2 (Tettnang)
This is Perl version 5.008003 (5.8.3)

This is MailScanner version 4.34.8
Module versions are:
1.00    AnyDBM_File
1.13    Archive::Zip
1.01    Carp
1.119   Convert::BinHex
1.00    DirHandle
1.05    Fcntl
2.72    File::Basename
2.07    File::Copy
2.01    FileHandle
1.06    File::Path
0.14    File::Temp
1.27    HTML::Entities
3.35    HTML::Parser
2.28    HTML::TokeParser
1.21    IO
1.10    IO::File
1.122   IO::Pipe
3.03    MIME::Base64
5.413   MIME::Decoder
5.413   MIME::Decoder::UU
5.413   MIME::Head
5.413   MIME::Parser
3.03    MIME::QuotedPrint
5.413   MIME::Tools
0.09    Net::CIDR
1.07    POSIX
1.76    Socket
0.04    Sys::Syslog
1.02    Time::localtime

Optional module versions are:
1.808   DB_File
1.05    Digest
1.01    Digest::HMAC
2.33    Digest::MD5
2.33    Digest::MD5
2.01    Digest::SHA1
missing Inline
missing Mail::ClamAV
3.000001        Mail::SpamAssassin
missing Mail::SPF::Query
missing Net::CIDR::Lite
0.23    Net::DNS
missing Net::LDAP
missing Parse::RecDescent
missing SAVI
missing Sys::Hostname::Long
2.40    Test::Harness
0.47    Test::Simple
1.95    Text::Balanced
1.19    URI

-- 
Regards,

David Jacobson
Technical Director
SYNAQ (Pty) Ltd

Tel:    011 290 6388
Cell:   083 235 0760
Mail:   davidj at synaq.com
WWW:    http://www.synaq.com	

Key Fingerprint
8246 FCE1 3C22 7EFB E61B  18DF 6E8B 65E8 BD50 78A1

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

    [ Part 1.2, Text/X-LOG (charset: UTF-8 "Internet-standard Unicode") ]
    [ (Name: "clamav_output.log")  1,289 lines. ]
    [ Unable to print this part. ]


    [ Part 2, "This is a digitally signed message part"  ]
    [ Application/PGP-SIGNATURE  196bytes. ]
    [ Unable to print this part. ]

More information about the MailScanner mailing list