ClamAV || Oversized.zip

Erik van der Leun evanderleun at hal9000.nl
Tue Nov 21 15:11:42 GMT 2006


Hi,

A ClamAV feature to protect against DoS alike attacks checking filesizes 
and such
in zipfiles, creates this message, causing attachments to end up in the 
quarantine,
although all other scanners claim the attachment is harmless...

# clamscan test.zip
test.zip: Oversized.Zip FOUND

I've googled bits and pieces together and am pretty sure it's a flaw in 
ClamAV.
Some dubious solutions are presented, by hacking sourcecode of 
libclamav, but
I've decided to disable clamav for a while (on certain servers that is).

If anybody's got better advice, I'd be grateful :)

Kind regards,
Erik van der Leun

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.mailscanner.info/pipermail/mailscanner/attachments/20061121/0c9cc421/attachment.html


More information about the MailScanner mailing list