ClamAV Alert about new config version

michelandre · November 23, 2021, 11:28pm

Hi all,

Since a few day I am receiving a new message about Php.Exploit.C99-27 and not Php.Exploit.C99-23.

------------------------------------
	Mon Nov 22 23:24:01 2021
Scanned Folder: //var/lib/clamav-unofficial-sigs/dbs-lmd/sigpack.tgz: Php.Exploit.C99-27 FOUND
/var/lib/clamav-unofficial-sigs/dbs-lmd/sigpack.tgz: moved to '/var/spool/clamav/quarantine/sigpack.tgz.002'

----------- SCAN SUMMARY -----------
Known viruses: 8579279
Engine version: 0.103.4
Scanned directories: 79075
Scanned files: 422985
Infected files: 1
Data scanned: 53835.26 MB
Data read: 67385.07 MB (ratio 0.80:1)
Time: 14943.443 sec (249 m 3 s)
Start Date: 2021:11:22 23:24:01
End Date:   2021:11:23 03:33:05

Is it the same kind of problem ?

Michel-André

dnutan · November 24, 2021, 2:12pm

Yes, it seems so (avoid scanning signatures ).

michelandre · November 25, 2021, 2:34pm

Hi @dnutan,

I did an update of NethServer and in the last 2 days, no more message of Infected files.

Michel-André