Re: Re: clamav and magic byte
> "...Andrey Bayora just describes one way to create new viruses, there are
Please, read http://www.securityelf.org/magicbyteadv.html - there are 13 CVE
numbers issued for this BUG.
If it is not - why AV vendors issues patches for this "issue"?
The "new viruses" opinion comes mostly from AV companies that did not want
to believe that their AV has such trivial BUG.
But, you don't must to accept my point of view.
* Geoff Crompton:
> Anyone know if clamav is vulnerable to the magic byte detection evasion
> issue discussed at http://www.securityfocus.com/bid/15189?
> Or alternatively, can anyone work out if it is vulnerable?
It is vulnerable only in the sense that it doesn't detect viruses for
which there aren't any signatures yet.
In <http://www.securityelf.org/magicbyte.html>, Andrey Bayora just
describes one way to create new viruses, there are countless others.