[33611] in bugtraq
Re: clamav 0.65 remote DOS exploit
daemon@ATHENA.MIT.EDU (Khalid J Hosein)
Wed Feb 11 13:41:50 2004
Message-ID: <40282F35.4080908@isx.com>
Date: Mon, 09 Feb 2004 17:09:09 -0800
From: Khalid J Hosein <khosein@isx.com>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
In-Reply-To: <1076333086.11485.ezmlm@securityfocus.com>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
> Nigel Horne wrote:
>
>> I tried reproducing the problem with the latest source in CVS, but
>> had no problems.
>> 0.65 is rather old, please try again with the latest version.
>
>
> 0.65 ist the latest stable (release) version, so I guess most
> production servers would
> run it, instead of an CVS snapshot.
>
> -Oliver
I also tried reproducing the problem using the release version, but
could not duplicate the results (clamd crash).
I'm interested though in finding out if others can in fact duplicate
this behaviour, and if you can, what the end effect is if you're passing
requests to clamd from amavisd-new
(http://www.ijs.si/software/amavisd/). Thx!
_Khalid
