Re: Antivirus- Clamscan - Exploit.IFRAME.Generic
On Sun, Jun 15, 2003 at 01:48:17PM +0530, SRIKANTH NS wrote:
> Hi All
> I installed clamav sometime back. Since I thought Linux is immune from
> virii(mistakenly) I never scanned Linux partitions.
>
> Yesterday I did a scan "clamscan -i -r /home/srikanth"
> It reported 2 files apart from test signature files with klez virus.
> I removed it "clamscan --remove /home/srikanth"
>
> Today I updated the virus databse "freshclam"
> Again I scanned. It reported the following
>
> Exploit.IFRAME.Generic
>
> in 77 files . All the files were .htm files I saved in a particular
> directory .
>
> Has anybody come across this?
>
> Of course I removed them. I do not know whether this is a virus or
> trojan or
> worm.
Basically, neither. Iframe exploits are just that : html <iframe>
constructs that trick some browsers (read: internet explorer) into
executing some code. This is harmless on a linux system.
It is possible that some iframe constructions are considered suspect by
clamav, without actually being viruses.
Frank
> Any info or update on this will be highly appreciated.
>
> TIA
>
> N S Srikanth
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: