JPEG Virus
Rick Cooper
rcooper at DWFORD.COM
Tue Sep 28 18:39:53 IST 2004
> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
> Behalf Of Spicer, Kevin
> Sent: Tuesday, September 28, 2004 10:19 AM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: JPEG Virus
>
>
>
>
> -----Original Message-----
> From: Leonardo Helman [mailto:mailscanner at LISTS.COM.AR]
>
> > ClamAV JPEG Exploit (MS04-028) Detection
> > nervoso - 2004-09-28 06:30 - Clam AntiVirus
> >ClamAV 0.80rc3 successfuly detects JPEG files with modified comment
> section that allows >attackers to remotely execute arbitrary code on
> unpatched Windows machines.
>
>
> >I was running the stable version, 0.75-1, but it didn't catch this.
> >I didn't have trouble with the upgrade (from sources), the rpm isn't
> there yet.
>
> That's because this kind of detection is only supported with 0.80rc3
> (and maybe 0.80rc2?)
>
0.80rc2 doesn't detect it, must use 0.80rc3
Rick
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
More information about the MailScanner
mailing list