From 31388710e742aa03c1959fbe4b75508f5880c1a1 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 17:31:33 +0530
Subject: [PATCH] Update clamav-unauth.yaml

---
 network/clamav-unauth.yaml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/network/clamav-unauth.yaml b/network/clamav-unauth.yaml
index fa939010ee..3c37010e96 100644
--- a/network/clamav-unauth.yaml
+++ b/network/clamav-unauth.yaml
@@ -8,6 +8,9 @@ info:
     ClamAV server 0.99.2, and possibly other previous versions, allow the execution
     of dangerous service commands without authentication. Specifically, the command 'SCAN'
     may be used to list system files and the command 'SHUTDOWN' shut downs the service.
+  metadata:
+    verified: true
+    shodan-query: 'port:3310 product:"ClamAV" version:"0.99.2"'  
   reference:
     - https://seclists.org/nmap-dev/2016/q2/201
     - https://bugzilla.clamav.net/show_bug.cgi?id=11585
@@ -20,7 +23,10 @@ network:
       - "{{Hostname}}"
       - "{{Host}}:3310"
     read-size: 48
+
     matchers:
       - type: word
         words:
-          - "No such file"
\ No newline at end of file
+          - "No such"
+          - "lstat() failed"
+        condition: and