clamav-users November 2007 archive
| Main Archive Page > Month Archives > clamav-users archives |
Re: [Clamav-users] ClamAV Vulnerability
From: David F. Skoll <dfs_at_nospam>Date: Tue Nov 20 2007 - 12:42:27 GMT
To: ClamAV users ML <clamav-users@lists.clamav.net>
Sean Doherty wrote:
> Anyone know if there is any substance to this vulnerability claim?
> http://wabisabilabi.blogspot.com/2007/11/focus-on-clamav-remote-code-execution.html
Well, you'd have to bid on it to know for sure, I suppose...
It wouldn't surprise me. Clam has a rather checkered security history, and some of its code is pretty convoluted. But I don't feel like bidding 500 Euros to find out for sure. :-)
Regards,
David.
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html