| George A. Theall via plug on 21 Feb 2023 14:24:10 -0800 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] ClamAV vuln |
On Tue, Feb 21, 2023 at 03:01:49PM -0500, Walt Mankowski via plug wrote:
That seems pretty darn rare to me. When’s the last time you shared a file with someone where it wasn’t either online or on a flash drive?And even so, what’s the attack vector here?
Cisco's advisory says an attacker can exploit it by "submitting a crafted HFS+ partition file to be scanned by ClamAV". Given ClamAV runson things like mail servers, it seems wormable to me.
George -- theall@tifaware.com ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug