edwin at clamav
Feb 15, 2011, 5:42 AM
Post #2 of 2
On 2011-02-15 10:20, Julien Reveret wrote:
Re: clamscan can't detect malware inside a debian package
[In reply to]
> I've made a few tests lately to embed malwares inside UNIX packages like
> RPM or DEB packages. Once done, I scanned the packages with many
> anti-virus products to check their efficiency.
> Concerning clamav, there was no problem finding malware embedded into a
> RPM package. Nevertheless clamscan was unable to detect a known malware
> (the C99 PHP Backdoor) added to a preinst or postinst file.
> Should I report this as a bug ?
Just published bytecode.cvd version 138, is the .deb detected now?
(Run freshclam, make sure you get bytecode.cvd 138, and that you run
Please submit your patches to our Bugzilla: http://bugs.clamav.net