[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-users] SolarSpeed AV-Suite not vulnerable to recent exploit
- Subject: [cobalt-users] SolarSpeed AV-Suite not vulnerable to recent exploit
- From: Jeff Lasman <blists@xxxxxxxxxxxxx>
- Date: Tue Feb 10 13:41:01 2004
- Organization: nobaloney.net
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
On Tuesday 10 February 2004 11:42 am, I wrote:
> If you're using the SolarSpeed AV-Suite you can expect an update to
> be released soon, and I'll advise the list when it becomes available.
Here's the response I got a moment ago from Michael Stauber; I'm posting
it here because we're one of his marketing partners here in the US and
because he doesn't post to this list:
<snip>
When I spotted the bugreport on BugtraQ I downloaded the exploit and
tested my build of Clam AV with it.
Result: NOT vulnerable.
This is due to the fact that the AV-Suite does NOT use ClamD (the Clam
AV daemon). Instead it just uses the command line scanner. This is less
performant than using ClamD, but in version 0.60 ClamD had lots of
stability issues and I happily sacrifice speed for stability.
However, I'm working on an updated AV-Suite at the moment which will use
a newer MailScanner and a newer Clam AV. Once I build the new Clam AV I
will run the test again to see if that problem has been taken care of
or not.
</snip>
The bottom line is that the SolarSpeed AV-Suite is not susceptible to
this exploit.
Jeff
--
--
Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA 92517 US
Professional Internet Services & Support / Consulting / Colocation
Our blists address used on lists is for list email only
Phone +1 909 324-9706, or see: "http://www.nobaloney.net/contactus.html";