Update clamav-unauth.yaml

patch-1
Prince Chaddha 2022-10-25 17:31:33 +05:30 committed by GitHub
parent a7e3ec1059
commit 31388710e7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 1 deletions

View File

@ -8,6 +8,9 @@ info:
ClamAV server 0.99.2, and possibly other previous versions, allow the execution
of dangerous service commands without authentication. Specifically, the command 'SCAN'
may be used to list system files and the command 'SHUTDOWN' shut downs the service.
metadata:
verified: true
shodan-query: 'port:3310 product:"ClamAV" version:"0.99.2"'
reference:
- https://seclists.org/nmap-dev/2016/q2/201
- https://bugzilla.clamav.net/show_bug.cgi?id=11585
@ -20,7 +23,10 @@ network:
- "{{Hostname}}"
- "{{Host}}:3310"
read-size: 48
matchers:
- type: word
words:
- "No such file"
- "No such"
- "lstat() failed"
condition: and