[11083] in bugtraq
Re: AMaViS virus scanner for Linux - root exploit
daemon@ATHENA.MIT.EDU (Ian Whalley)
Tue Jul 20 20:12:21 1999
Message-Id: <19990719184720.35963.qmail@securityfocus.com>
Date: Mon, 19 Jul 1999 18:47:20 -0000
Reply-To: ian@WHALLEY.ORG
From: Ian Whalley <ian@WHALLEY.ORG>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <004701bed030$af3f9560$1400010a@seifried.org>
>To add insult to injury: a week or two ago I attempted to
>contact him (also with no luck) about a nasty bug, when
>using Sophos (and likely other anti virus software) AMaViS
>was not picking up on the updates, that is the updated IDE
>files in /opt/ide, and defined as SAV_IDE=/opt/ide were
>not being used by AMaViS, however from the command line,
>using the "sweep" command they were picked up fine, this
>means AMaViS doesn't generally pick up on BO2K, etc.
The solution to this is simple -- wrap SWEEP [the Sophos
scanner] in a shell script which sets SAV_IDE before
running the SWEEP binary.
Best;
I. [former SWEEP developer]
