Fwd: clamtk detects setuptools-0.6c11-py2.7.egg Packer.MingwGcc-2 virus
M Rusli
linuxsecuritymrusli at gmail.com
Tue Jul 23 22:24:59 UTC 2013
Hi
Please take note of the issues.
Thank you.
---------- Forwarded message ----------
From: M Rusli <linuxsecuritymrusli at gmail.com>
Date: Wed, May 8, 2013 at 12:54 AM
Subject: Fwd: clamtk detects setuptools-0.6c11-py2.7.egg Packer.MingwGcc-2
virus
To: Dave M <dave.nerd at gmail.com>
---------- Forwarded message ----------
From: Tom Judge <tjudge at sourcefire.com>
Date: Tue, May 7, 2013 at 11:53 PM
Subject: Re: clamtk detects setuptools-0.6c11-py2.7.egg Packer.MingwGcc-2
virus
To: M Rusli <linuxsecuritymrusli at gmail.com>
Rusli,
This signature will be dropped in the next couple of days due to high
alert rate.
Please be aware that all PUA signatures are advisory (Potentially
unwanted application) rather than real alerts for malware. And as such
they may alert on legitimate applications/files that you do want but
others may not.
Tom
On 5/6/13 5:10 PM, M Rusli wrote:
> Okay,
>
> This is from pcbsd 9.1. Is PUA is turn on clamtk detects as virus. If
> it is turn off it did not.
>
> It's from Python 2.7 site packages.
>
> Attach is the file.
>
> It can be a false alarm with PUA turn on.
>
> By the way Dave,
>
> Please take note from Auscert.
>
> *ASB-2013.0061 - [UNIX/Linux] ClamAV: Reduced security -
> Unknown/unspecified* <http://www.auscert.com.au/render.html?it=17463> -
> A number of vulnerabilities have been identified in ClamAV prior to
> version 0.97.8. (30/04/2013)
>
> Thanks!
>
>
> On Mon, May 6, 2013 at 4:32 PM, Tom Judge <tjudge at sourcefire.com
> <mailto:tjudge at sourcefire.com>> wrote:
>
> Hi Rusli,
>
> I have sent this information over to the ClamAV detection team, to
> validate that the signature is correct. Could you please send me a
> copy of the file off list?
>
>
> Thanks
>
> Tom Judge
>
>
More information about the freebsd-gnome
mailing list