PaulDotCom mailing list archives
Re: Clamav hacking
From: Jim Halfpenny <jim.halfpenny () gmail com>
Date: Tue, 6 Sep 2011 08:30:37 +0100
You could potentially DoS a machine by submitting multiple samples for analysis if that is permitted. Scanning can chew up a lot of CPU. Any bugs in the decoders/dissectors in clamav could be an entry point for a malicious sample but I am not aware of any such bugs. Think of the complexity of having multiple decoders for binary formats, packers and such. Regards, Jim On Tuesday, 6 September 2011, Nathan Gibbs <nathan () cmpublishers com> wrote:
On 9/5/2011 7:21 PM, Joel Esler wrote:I would love anything interesting regarding hacking a network instance of
ClamAV!
-- Joel Esler Sourcefire OpenSource Community Manager: Snort, ClamAV, Daemonlogger, and Razorback ;)LOL Joel, you already know what my ideas are. We will get there, but lets let some people smarter than me, you included, weigh in. -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Clamav hacking Nathan Gibbs (Sep 05)
- Re: Clamav hacking Joel Esler (Sep 05)
- Re: Clamav hacking Nathan Gibbs (Sep 05)
- Re: Clamav hacking Jim Halfpenny (Sep 06)
- Re: Clamav hacking Joel Esler (Sep 06)
- Re: Clamav hacking Nathan Gibbs (Sep 06)
- Re: Clamav hacking Joel Esler (Sep 06)
- Re: Clamav hacking Nathan Gibbs (Sep 06)
- Re: Clamav hacking Nathan Gibbs (Sep 05)
- Re: Clamav hacking Joel Esler (Sep 05)