|
jeffv via plug on 21 Feb 2023 07:21:52 -0800
|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
- From: jeffv via plug <plug@lists.phillylinux.org>
- To: "plug@lists.phillylinux.org" <plug@lists.phillylinux.org>
- Subject: [PLUG] ClamAV vuln
- Date: Tue, 21 Feb 2023 10:21:46 -0500
- Authentication-results: smtp02.aqua.bos.sync.lan smtp.user=jeffv@op.net; auth=pass (LOGIN)
- Dkim-signature: v=1; a=rsa-sha1; d=op.net; s=20180222; c=relaxed/simple; q=dns/txt; i=@op.net; t=1676992907; h=From:Subject:Date:To:MIME-Version:Content-Type; bh=xtE8uv1nRW3SmFGhaKZOYDWMeN8=; b=thifmh8TzXqGHJrgbqdKnAdbfOBylcbMMfsweT2DQ3bASG1wzgvxJ3GRl90AYGdr vVyxqhtDZx5flfPnJfqYhn03fpfJAFIVi3FVCMM/vDHRPBujsPbGudBwrrRF1gJy JATx88PD6jC8vLcpswSShWz1rFCOnCihf9WKE6Tug6eRtvc1BRB/qksOeQFLjsgb ukPREta5YZQ5NL5MXFwdwzUS1Xm+3H9WjKDeNqKE6NrX3wGUMrDourKs5ItS0haA N2iHBhHmxYFLnxw/t4w9O1ZXu0MGL7wZUy3iJ+zk96wkdc/C+DaX0vL+Fzyms8Pa ioxdf5s2JIuYM9ahYVnvAg==;
- Reply-to: jeffv <jeffv@op.net>
- Sender: "plug" <plug-bounces@lists.phillylinux.org>
Antivirus apps are there to protect you – Cisco's ClamAV has a heckuva
flaw
https://www.theregister.com/2023/02/17/cisco_clamav_critical_flaw/
"A vulnerability in the HFS+ partition file parser of ClamAV versions
1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could
allow an unauthenticated, remote attacker to execute arbitrary code,"
states Cisco's security advisory, which identifies the issue as
CVE-2023-20032.
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug