[Pkg-clamav-devel] Bug#578133: clamav-daemon: clamav contains remote detonator

Tom Laermans tom.laermans at powersource.cx
Fri Apr 16 21:13:15 UTC 2010 

Package: clamav-daemon
Version: 0.94.dfsg.2-1lenny2
Severity: normal

Apparently the ClamAV software contains a remote detonator so the clamav
team can disable the software through an update sequence. This can knock any
mailserver (for example) offline running the version they deem fit to
disable.

Please remove this code in at least the debian package, or replace it by one
that does not run updates but not simply bomb out the daemon.

-- Package-specific info:
--- configuration ---
/etc/clamav/clamd.conf: clamd directives
------------------------------
LogFile = "/var/log/clamav/clamav.log"
LogFileUnlock = no
LogFileMaxSize = 0
LogTime = yes
LogClean = no
LogVerbose = no
LogSyslog = no
LogFacility = "LOG_LOCAL6"
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory not set
ScanPE = yes
ScanELF = yes
DetectBrokenExecutables = no
ScanMail = yes
MailFollowURLs = no
ScanPartialMessages = no
PhishingSignatures = yes
PhishingScanURLs = yes
PhishingAlwaysBlockCloak = no
PhishingAlwaysBlockSSLMismatch = no
HeuristicScanPrecedence = no
DetectPUA = no
ExcludePUA not set
IncludePUA not set
StructuredDataDetection = no
StructuredMinCreditCardCount = 3
StructuredMinSSNCount = 3
StructuredSSNFormatNormal = yes
StructuredSSNFormatStripped = no
AlgorithmicDetection = yes
ScanHTML = yes
ScanOLE2 = yes
ScanPDF = yes
ScanArchive = yes
MaxScanSize = 104857600
MaxFileSize = 26214400
MaxRecursion = 16
MaxFiles = 10000
ArchiveLimitMemoryUsage = no
ArchiveBlockEncrypted = no
DatabaseDirectory = "/var/lib/clamav"
TCPAddr not set
TCPSocket not set
LocalSocket = "/var/run/clamav/clamd.ctl"
MaxConnectionQueueLength = 15
StreamMaxLength = 10485760
StreamMinPort = 1024
StreamMaxPort = 2048
MaxThreads = 12
ReadTimeout = 180
IdleTimeout = 30
MaxDirectoryRecursion = 15
ExcludePath not set
FollowDirectorySymlinks = no
FollowFileSymlinks = no
ExitOnOOM = no
Foreground = no
Debug = no
LeaveTemporaryFiles = no
FixStaleSocket = yes
User = "clamav"
AllowSupplementaryGroups = yes
SelfCheck = 3600
VirusEvent not set
ClamukoScanOnAccess not set
ClamukoScanOnOpen not set
ClamukoScanOnClose not set
ClamukoScanOnExec not set
ClamukoIncludePath not set
ClamukoExcludePath not set
ClamukoMaxFileSize = 5242880
DevACOnly not set
DevACDepth not set
*** MailMaxRecursion is DEPRECATED ***
*** ArchiveMaxFileSize is DEPRECATED ***
*** ArchiveMaxRecursion is DEPRECATED ***
*** ArchiveMaxFiles is DEPRECATED ***
*** ArchiveMaxCompressionRatio is DEPRECATED ***
*** ArchiveBlockMax is DEPRECATED ***

/etc/clamav/freshclam.conf: freshclam directives
------------------------------
LogFileMaxSize = 0
LogTime = no
LogVerbose = no
LogSyslog = no
LogFacility = "LOG_LOCAL6"
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/lib/clamav/"
Foreground = no
Debug = no
AllowSupplementaryGroups = no
DatabaseOwner = "clamav"
Checks = 24
UpdateLogFile = "/var/log/clamav/freshclam.log"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net"
DatabaseMirror = "database.clamav.net"
MaxAttempts = 5
ScriptedUpdates = yes
CompressLocalDatabase = no
HTTPProxyServer not set
HTTPProxyPort not set
HTTPProxyUsername not set
HTTPProxyPassword not set
HTTPUserAgent not set
NotifyClamd = "/etc/clamav/clamd.conf"
OnUpdateExecute not set
OnErrorExecute not set
OnOutdatedExecute not set
LocalIPAddress not set
ConnectTimeout = 30
ReceiveTimeout = 30
SubmitDetectionStats not set
DetectionStatsCountry not set

Engine and signature databases
------------------------------
Engine version: 0.94.2
Database directory: /var/lib/clamav/
main db: Format: .cld, Version: 52, Build time: Mon Feb 15 15:54:51 2010
daily db: Format: .cld, Version: 10753, Build time: Fri Apr 16 21:34:53 2010

--- data dir ---
total 58524
-rw-r--r-- 1 clamav clamav  3183616 2010-04-16 22:29 daily.cld
-rw-r--r-- 1 clamav clamav 56671744 2010-02-15 18:27 main.cld
-rw------- 1 clamav clamav      208 2010-04-16 22:29 mirrors.dat

-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-2-xen-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages clamav-daemon depends on:
ii  clamav-base          0.94.dfsg.2-1lenny2 anti-virus utility for Unix - base
ii  clamav-freshclam [cl 0.94.dfsg.2-1lenny2 anti-virus utility for Unix - viru
ii  libbz2-1.0           1.0.5-1             high-quality block-sorting file co
ii  libc6                2.7-18lenny2        GNU C Library: Shared libraries
ii  libclamav5           0.94.dfsg.2-1lenny2 anti-virus utility for Unix - libr
ii  libgmp3c2            2:4.2.2+dfsg-3      Multiprecision arithmetic library
ii  lsb-base             3.2-20              Linux Standard Base 3.2 init scrip
ii  ucf                  3.0016              Update Configuration File: preserv
ii  zlib1g               1:1.2.3.3.dfsg-12   compression library - runtime

clamav-daemon recommends no packages.

Versions of packages clamav-daemon suggests:
pn  clamav-docs                   <none>     (no description available)
pn  daemon                        <none>     (no description available)

-- no debconf information

More information about the Pkg-clamav-devel mailing list