Qmail-Scanner (previously known as scan4virus) is an addon that enables a Qmail email server to scan all gatewayed email for certain characteristics. It is typically used for its anti-virus protection functions, in which case it is used in conjunction with commercial virus scanners, but it also enables a site to react (at a server/site level) to email that contains specific strings in particular headers, or particular attachment filenames or types.
b6c430c81efd41bd28e56fb60e6e1ecbd98e44346c2faad69ff164960f042247
Whitepaper called "Embedding the Payload" or "How to avoid AV-Detection". This paper focuses on how to undermine system integrity by circumventing anti-virus detection.
14edf4f453f8794728b0ac49c1d1ae57bab9b38e68a39ab9849188b3c9dd702d
F-Secure Anti-Virus 2010 / 2011 and Internet Security 2010 / 2011 ActiveX SEH overwrite exploit.
b38eddf800c45049b97bae2be28253121ba1933544a054983303e953ef2b916f
This paper describes the results of a thorough examination of Sophos Antivirus internals. The author presents a technical analysis of claims made by the vendor, and publishes the tools and reference material required to reproduce their results. Furthermore, they examine the product from the perspective of a vulnerability researcher, exploring the rich attack surface exposed, and demonstrating weaknesses and vulnerabilities.
57ecb0848e5b99ef5678dc00d7aabb2718195a8bb23f387f2d5ff429df854455
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
91503f8cff482cac1f2c951c5d62a7da8a17ba3b32eb8fa2800e29c03c7cd58a
Whitepaper called Fake Malware and Virus Scanners. Rogue security software reports a virus infection, even if your computer is clean. This kind of "software" could also fail to report viruses when your computer is infected. This document shows the mechanisms used to obfuscate this process.
0305582fef0a334d0098bff6db770a8a71c665735a44588fdd53e7b219351d8c
Whitepaper called Client-Side Threats - Anatomy of Reverse Trojan Attacks. Client-side vulnerabilities are among the biggest threats facing users. Attackers are going after weaknesses in desktop applications such as browsers, media players, common office applications and e-mail clients to install malicious software, often Trojan horses and rootkits. This document explains these threats in detail and how to prevent them.
2c1afb10f1f364d84902aa704ae75b54b7d538279adb0348248fba3c6e22acf9
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
69e9c102d56348266b6597d6d401b0a5a2190e158b78e75ee0591f90479ed2ca
Whitepaper called Bypassing Anti-Virus Scanners.
8919103e539f8e08d30103803a77e6ad632dce79dedb8e58ee5be3b8dbcbf8c6
ClamSAP consists of two C shared libraries that link between ClamAV and the Virus Scan Interface (VSI) of SAP (official name: NW-VSI). A SAP application can use the ClamAV engine to scan for malicious uploads in HTTP uploads, for example.
79f8fbe155a786d4d2f0925c98ddf63776ec0b2fa26df80b3911060b92cba64d
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
ec5d88303c0a6e1d8e1354b68ae8c184faee7989aac11dfacff466d9e0471932
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
6c439b2282a805b2f1359b8dea65debf65568001904c2c2fdf05cec3cfde9cd2
ACROS Security Problem Report #2011-01-11-1 - A binary planting vulnerability in F-Secure Internet Security 2010 and 2011, F-Secure Anti-Virus 2010 and 2011 and multiple other F-Secure products allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.
01f52cb96345599ee288a5aaf14347b748cc0327df5569dc06d00aff5958486b
ESTsoft ALYac Anti-Virus 1.5 versions 5.0.1.2 and below local kernel mode privilege escalation exploit.
3f2ad9346053fe68522b374ee5555a7073ebc22d57e5e70dd6876d32348fda11
NProtect Anti-Virus 2007 versions 2010.5.11.1 and below local kernel mode privilege escalation exploit.
7aa3139aa141fd361b9e82cc2ef15b355832b22280cf778db25220451462bc33
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
83a683d51eceb5aaf0c249efb3d9d95aa4fd8bbc1f05817ab7b1030f6d84d059
ClamSAP consists of two C shared libraries that link between ClamAV and the Virus Scan Interface (VSI) of SAP (official name: NW-VSI). A SAP application can use the ClamAV engine to scan for malicious uploads in HTTP uploads, for example.
a1601e8dae3e8aa5f1ef300b7254af18c87da9bf29e9ce82b572484b9e442ec8
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
6ead46f6a1115f02ed14a1190a64e20d3360ef267e1aa77ede44d03c3d70ebae
Secunia Security Advisory - A vulnerability has been reported in Barracuda Spam & Virus Firewall, which can be exploited by malicious users to disclose sensitive information.
1d60774803094d83fb1c5e473f2f066dbe186d502a9d95b7021d99d0d64c5ad5
Barracuda Networks Spam and Virus Firewall versions 4.1.1.021 and below remote configuration retrieval exploit.
165ba97992e737fdb6fac9ce7c4bbf11e171a5ef6e1c4b1cdecc39389d32668d
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
db324d50a2d4e71a9b647198a607e56b952eb480f75ad6a28231d1f713736c8b
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
6aa0b0d96ed25ffb4b5aca53f6348978c94771503c299f86e480fef475abcefa
This vulnerability allows local attackers to execute arbitrary code in kernel space on vulnerable installations of Sophos Anti-Virus. Local access to the system is required to leverage the vulnerability. The specific flaw exists in the handling of the system call NtQueryAttributesFile by the filter driver savonaccessfilter.sys. Due to improper handling of parameters to the function, pool corruption can occur in kernel space. A local attacker can leverage this to execute arbitrary code in ring 0.
fdbd68ea6a72bd82b979a735c87645b3df846a705d606712fa1d183fd49b65d4
Secunia Security Advisory - A vulnerability has been reported in Sophos Anti-Virus, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.
9edaaa85bd1e91418605d413af6147678d0d63e242610f8c1f05bad9754d0eb0
Mandriva Linux Security Advisory 2010-082 - ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities. The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information. This update provides clamav 0.96, which is not vulnerable to these issues. Packages for 2009.0 are provided due to the Extended Maintenance Program.
01916f1257f5750f983fb3c22bd70d378c39701cb1ea591bfd03313e40e54003