Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
0a12ebdf6ff7a74c0bde2bdc2b55cae33449e6dd953ec90824a9e01291277634
Avast Anti-Virus versions prior to 19.1.2360 suffer from a local credential disclosure vulnerability.
bd00c94a5b38b02a7aead2c9bbb8a31f08be2308a40962507aacebbb3671b1bd
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
fa368fa9b2f57638696150c7d108b06dec284e8d8e3b8e702c784947c01fb806
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
f12a5ad86bc4e0bde6cad2d30c49c7daab184cba7ce631909434b5d9533a5ad2
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
4a2e4f0cd41e62adb5a713b4a1857c49145cd09a69957e6d946ecad575206dd6
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
84e026655152247de7237184ee13003701c40be030dd68e0316111049f58a59f
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
c5c5edaf75a3c53ac0f271148fd6447310bce53f448ec7e6205124a25918f65c
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
d72ac3273bde8d2e5e28ec9978373ee3ab4529fd868bc3fc4d2d2671228f2461
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
00fa5292a6e00a3a4035b826267748965d5d2c4943d8ff417d740238263e8e84
Anti-Virus solutions are split into several different components (an unprivileged user mode part, a privileged user mode part and a kernel component). Logically the different systems talk to each other. By abusing NTFS directory junctions it is possible from the unprivileged user mode part ("the UI") to restore files from the virus quarantine with the permissions of the privileged user mode part ("Windows service"). This may results in a privileged file write vulnerability.
7e5e2eeec5863b5ec1f6f099ae65481e3ec78f2df7b81c96f35a7b5b269bbcd5
Vir.IT eXplorer Anti-Virus suffers from a privilege escalation vulnerability.
5758a680a8b760819f59763fee8432040b4935fce44b576cf2c24ca742ce21f7
pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.
b3fe02a7507c7edb286076361e381395bd1bef413c6345c139976657bcad9e17
Kaspersky Anti-Virus for Linux File Server version 8.0.3.297 suffers from remote code execution, cross site request forgery, cross site scripting, security bypass, information disclosure, and path traversal vulnerabilities.
1011f2188afe2cfa015134b365c225eb892ed298b59a2beb4cc63a8e09cdc1b0
In order to inspect encrypted data streams using SSL/TLS, Kaspersky installs a WFP driver to intercept all outgoing HTTPS connections. They effectively proxy SSL connections, inserting their own certificate as a trusted authority in the system store and then replace all leaf certificates on-the-fly. This is why if you examine a certificate when using Kaspersky Antivirus, the issuer appears to be "Kaspersky Anti-Virus Personal Root". Kaspersky's certificate interception has previously resulted in serious vulnerabilities, but quick review finds many simple problems still exist. For example, the way leaf certificates are cached uses an extremely naive fingerprinting technique. Kaspersky cache recently generated certificates in memory in case the user agent initiates another connection. In order to do this, Kaspersky fetches the certificate chain and then checks if it's already generated a matching leaf certificate in the cache. If it has, it just grabs the existing certificate and private key and then reuses it for the new connection. The cache is a binary tree, and as new leaf certificates and keys are generated, they're inserted using the first 32 bits of MD5(serialNumber||issuer) as the key. If a match is found for a key, they just pull the previously generated certificate and key out of the binary tree and start using it to relay data to the user-agent. You don't have to be a cryptographer to understand a 32bit key is not enough to prevent brute-forcing a collision in seconds. In fact, producing a collision with any other certificate is trivial.
62a363de88e0143fb1b6e4fbc89e03980ce4d3bb71f50510388690356f2ef1c2
McAfee Virus Scan Enterprise for Linux suffers from a remote code execution vulnerability.
26d7834cf5815b1060880e6f39aced196e9baa8ba2abaefb8044358b1c90a16b
Tinycrypt.asm is a training ransomware virus that is fully configurable to your needs but it is designed to be very controllable. It was designed to be used with the PoShFoTo incident response toolkit.
d69c41d85e494c771d84d2ee2805586148307dc2162ea290443e61ae27b7d432
This Metasploit module exploits a remote command execution vulnerability in the Barracuda Spam and Virus firewall firmware versions 5.1.3.007 and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.
808ddc4f2e9d4a40b867ca92e98217e9170d718d92040b6e9e8b3c8f3b5a6144
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
167bd6a13e05ece326b968fdb539b05c2ffcfef6018a274a10aeda85c2c0027a
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
e144689122d3f91293808c82cbb06b7d3ac9eca7ae29564c5d148ffe7b25d58a
The Comodo Anti-Virus GeekBuddy component suffers from a dll hijacking vulnerability.
0ae11a3b5d1a8b5d4ad2898c2bb2c564fc813ee736345fafa943c80c22c0bf1c
pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.
9921a582c45baa34dabb357c548c5ed331b9a39334881b3a784b593680b07ba0
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
d2792c8cfadd685fffc40b2199679628815df031fd3149ccf961649fc8787ea9
pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.
75b14da0889ae1ac5b01caf8b302bd7818ea4819dce8a42f776d3190c4e57cfc
The SySS GmbH found out that the administrator password for protecting different functions of the Kaspersky Anti-Virus software, like managing backups or stopping protection services, is stored as raw, unsalted MD5 hash value in the Windows registry.
ea3ba68c2445280d74bd945ec27706a66dc51e94a333bf175519fd2093dc8a5e
By analyzing the password-based authentication for unloading the Kaspersky Anti-Virus protection, the SySS GmbH found out, that the password comparison is done within the process avp.exe (actually within the used module shell_service.dll), which runs or can be run in the context of the current Windows user, who can also be a standard, limited user. This fact allows a further analysis and the manipulation of the password comparison during runtime without administrative privileges, as every user is able to debug and manipulate the processes running with her user privileges. In order to bypass the password-based authentication to deactivate the protection of Kaspersky Anti-Virus in an unauthorized manner, an attacker only has to patch this password comparison, so that it always returns true, for example by comparing the correct unload password with itself or by modifying the program control flow.
554441351ca1092de802550ffa43352381d6c7482cd5373295ac4d9310a088aa