ports/64115: Found the *!zip virus !!!
Veselin Slavov
vess at slavof.net
Thu Mar 11 20:10:03 UTC 2004
>Number: 64115
>Category: ports
>Synopsis: Found the *!zip virus !!!
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Mar 11 12:10:02 PST 2004
>Closed-Date:
>Last-Modified:
>Originator: Veselin Slavov
>Release: FreeBSD 4.9-STABLE i386
>Organization:
>Environment:
System: FreeBSD server.slavof.net 4.9-STABLE FreeBSD 4.9-STABLE #4: Sun Nov 9 00:36:25 EET 2003 vess at server.slavof.net:/usr/obj/usr/src/sys/slavof i386
Scan engine v4.3.20 for BSD.
Virus data file v4336 created Mar 10 2004
Scanning for 87499 viruses, trojans and variants.
>Description:
In current version - "zip virus" detection INPOSIBLE. "Mail message with atached "zip" file (made with password and included infected 'exe') "
>How-To-Repeat:
>Fix:
--- work/amavis-perl-11/amavis/amavis.orig Thu Mar 11 21:46:30 2004
+++ work/amavis-perl-11/amavis/amavis Thu Mar 11 21:43:35 2004
@@ -128,7 +128,7 @@
# Notification
my $warnadmin = "yes";
my $warnrecip = "no";
-my $warnsender = "yes";
+my $warnsender = "no";
# Add X-Virus-Scanned line to mail?
my $X_HEADER = "yes";
@@ -241,6 +241,7 @@
}
mkdir("$TEMPDIR/parts", 0700) || do_exit($REGERR, __LINE__);
+mkdir("$TEMPDIR/parts/unable_unzip", 0700) || do_exit($REGERR, __LINE__);
do_log(0,"starting. amavis perl-11 Thu Mar 11 11:39:27 EET 2004");
@@ -1027,7 +1028,9 @@
$zip->extractMember($_,$newpart);
}
}
- unlink("$TEMPDIR/parts/$part") unless (defined $selfextract{$part});
+ my $old_name="$TEMPDIR/parts/$part";
+ my $new_name="$TEMPDIR/parts/unable_unzip/$part";
+ rename $old_name, $new_name unless (defined $selfextract{$part});
return 1;
}
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list