Re: clamav and magic byte

To: Geoff Crompton <geoff.crompton@strategicdata.com.au>
Cc: debian-security@lists.debian.org
Subject: Re: clamav and magic byte
From: Florian Weimer <fw@deneb.enyo.de>
Date: Thu, 03 Nov 2005 06:38:00 +0100
Message-id: <[🔎] 87y846mguf.fsf@mid.deneb.enyo.de>
In-reply-to: <[🔎] 436985FA.2060809@strategicdata.com.au> (Geoff Crompton's message of "Thu, 03 Nov 2005 14:37:30 +1100")
References: <[🔎] 436985FA.2060809@strategicdata.com.au>

* Geoff Crompton:

> Anyone know if clamav is vulnerable to the magic byte detection evasion
> issue discussed at http://www.securityfocus.com/bid/15189?
>
> Or alternatively, can anyone work out if it is vulnerable?

It is vulnerable only in the sense that it doesn't detect viruses for
which there aren't any signatures yet.

In <http://www.securityelf.org/magicbyte.html>, Andrey Bayora just
describes one way to create new viruses, there are countless others.

Reply to:

References:
- clamav and magic byte
  - From: Geoff Crompton <geoff.crompton@strategicdata.com.au>

Prev by Date: clamav and magic byte
Next by Date: volunteer computer-geek to help us for FREE? please contact !
Previous by thread: clamav and magic byte
Next by thread: Re: Re: clamav and magic byte
Index(es):
- Date
- Thread