Update clamav-unauth.yaml

2022-10-25 17:31:33 +05:30 · 2022-10-25 17:31:33 +05:30 · 31388710e7
parent a7e3ec1059
commit 31388710e7
1 changed files with 7 additions and 1 deletions
--- a/network/clamav-unauth.yaml
+++ b/network/clamav-unauth.yaml
@ -8,6 +8,9 @@ info:
    ClamAV server 0.99.2, and possibly other previous versions, allow the execution
    of dangerous service commands without authentication. Specifically, the command 'SCAN'
    may be used to list system files and the command 'SHUTDOWN' shut downs the service.
+  metadata:
+    verified: true
+    shodan-query: 'port:3310 product:"ClamAV" version:"0.99.2"'  
  reference:
    - https://seclists.org/nmap-dev/2016/q2/201
    - https://bugzilla.clamav.net/show_bug.cgi?id=11585
@ -20,7 +23,10 @@ network:
      - "{{Hostname}}"
      - "{{Host}}:3310"
    read-size: 48
+
    matchers:
      - type: word
        words:
-          - "No such file"
+          - "No such"
+          - "lstat() failed"
+        condition: and