[Mimedefang] Mimedefang and clamd configuration problems
Les Mikesell
les at futuresource.com
Wed Dec 21 15:58:15 EST 2005
On Wed, 2005-12-21 at 14:41, David F. Skoll wrote:
> [...]
>
> > But ClamAV is not likely to be exploited... AV software tends to be
> > more secure than software in-the-main.
>
> *cough* I don't think so.
>
> Clam 0.87.1 fixed a security bug.
> Clam 0.87 fixed a security bug.
> Clam 0.86.2 fixed a security bug.
> Clam 0.86.1 fixed a DoS bug.
> Clam 0.86 fixed a DoS bug.
>
> I think you get the picture...
>
> (Btw, if I seem to be picking on Clam, I'm not. Most AV software is
> horribly hairy, because it tries to deal with
> zip/tar/gzip/bzip2/lha/zoo/arc/your_weird_format_here files. With all those
> wacky uncompressors and file formats, bugs will inevitably creep in.)
Yes, odd you should mention this today - Symantec has exactly
that problem:
http://news.zdnet.com/2100-1009_22-6004097.html?tag=nl.e589
and the article mentions a couple of others.
--
Les Mikesell
les at futuresource.com
More information about the MIMEDefang
mailing list