The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Clam AV Security Vulnerability

Discussion in 'Security' started by hostingmetro, Feb 17, 2004.

  1. hostingmetro

    hostingmetro Active Member
    PartnerNOC

    Joined:
    May 30, 2003
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
  2. anand

    anand Well-Known Member

    Joined:
    Nov 11, 2002
    Messages:
    1,435
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    In shell:

    PHP:
    1. wget [url]http://twtelecom.dl.sourceforge.net/sourceforge/clamav/clamav-0.67.tar.gz[/url]
    2. tar xfzv clamav-0.67.tar.gz
    3. cd clamav
    -0.67
    4. 
    ./configure --prefix=/usr --sysconfdir=/etc
    5. make
    6. make install
    Now there is something you need to do between process 5 & 6. Just go and rename / delete /usr/local/bin/clamscan first. I found that unless you rename / delete that the new clamscan is not installed and you still have the old one running.

    You can get the version of the clamscan by

    PHP:
    clamscan -V
     
  3. anand

    anand Well-Known Member

    Joined:
    Nov 11, 2002
    Messages:
    1,435
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
  4. anand

    anand Well-Known Member

    Joined:
    Nov 11, 2002
    Messages:
    1,435
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    don't forget to remove /usr/local/bin/clamscan before you install the new one. I found this the hardway.
     
  5. hostingmetro

    hostingmetro Active Member
    PartnerNOC

    Joined:
    May 30, 2003
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
    Thanks a lot!
     
  6. anand

    anand Well-Known Member

    Joined:
    Nov 11, 2002
    Messages:
    1,435
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    np :D
     
  7. bman

    bman Well-Known Member

    Joined:
    Dec 28, 2003
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    for my servers
    its in /usr/local/bin/clamscan
     
    #7 bman, Feb 19, 2004
    Last edited: Feb 19, 2004
  8. anand

    anand Well-Known Member

    Joined:
    Nov 11, 2002
    Messages:
    1,435
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    Whats the point bman ? I believe thats what the path i wrote in my post above.
     
  9. bman

    bman Well-Known Member

    Joined:
    Dec 28, 2003
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    ops i must have copyed it wron then sorry
     
  10. anand

    anand Well-Known Member

    Joined:
    Nov 11, 2002
    Messages:
    1,435
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    np :)
     
  11. damainman

    damainman Well-Known Member

    Joined:
    Nov 13, 2003
    Messages:
    515
    Likes Received:
    0
    Trophy Points:
    16
    thanks for the advice :)

    Does this work if your using the clamav mailscanner from layer1?
     
  12. anand

    anand Well-Known Member

    Joined:
    Nov 11, 2002
    Messages:
    1,435
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    There is a small hack to integrate it inside the mailscanner install from layer1. This is how you should do it.

    1. wget http://layer1.cpanel.net/mailscanner-autoinstall-1.5.tar.gz
    2. tar zxvf http://layer1.cpanel.net/mailscanner-autoinstall-1.5.tar.gz
    3. cd mailscanner-autoinstall-1.5
    4. wget http://twtelecom.dl.sourceforge.net/sourceforge/clamav/clamav-0.67.tar.gz
    5. pico claminstall
    6. Come to line 10, and replace tar xfzv clamav-0.60.tar.gz with tar xfzv clamav-0.67.tar.gz
    7. On line 11, replace cd clamav-0.60 with cd clamav-0.67
    8. Now save and exit pico.
    9. Run the mailscanner installer as you would
    ./install

    Everything should go as planned and you would have a new shining clam :D

    To check your clam version, just do

    clamscan -V

    Make sure it returns clamscan / ClamAV version 0.67 and you are all set.
     
  13. anand

    anand Well-Known Member

    Joined:
    Nov 11, 2002
    Messages:
    1,435
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    Here is the actual copy of the updated claminstall file. Just copy this on your existing file from layer1 and you are done.

    PHP:
    #!/bin/sh

    /scripts/adduser clamav /usr/local 0
    chsh 
    -/bin/false clamav
    if [ -"/usr/sbin/pw" ]; then
            
    /usr/sbin/pw lock clamav
    else
            
    passwd -l clamav
    fi
    tar xfzv clamav
    -0.67.tar.gz
    (cd clamav-0.67;./configure --prefix=/usr --sysconfdir=/etc;make;make install)

    echo 
    "clamav.cpanel.net" > /usr/share/clamav/mirrors.pre
    cat 
    /usr/share/clamav/mirrors.txt >> /usr/share/clamav/mirrors.pre
    mv 
    -vf /usr/share/clamav/mirrors.pre /usr/share/clamav/mirrors.txt

    touch 
    /var/log/clam-update.log
    chmod 600 
    /var/log/clam-update.log
    chown clamav 
    /var/log/clam-update.log

    (cd /usr/local/bin;ln -../../bin/freshclam)

    /
    usr/bin/freshclam

    I will see if i can package the entire thing and put it here for people to download.
     
  14. damainman

    damainman Well-Known Member

    Joined:
    Nov 13, 2003
    Messages:
    515
    Likes Received:
    0
    Trophy Points:
    16
    Thanks again for the advice :)... one more quick question though.. if i already have clamav from layer1 installed.. do i need to uninstall... or will the install script overwrite the existing files?... and is the new clamav compatible with the configurations from the layer 1 package?
     
  15. anand

    anand Well-Known Member

    Joined:
    Nov 11, 2002
    Messages:
    1,435
    Likes Received:
    1
    Trophy Points:
    38
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    np :)

    You didn't read my posts above. I have mentioned how to update the clam from the layer1 install. No you don't need to reinstall the complete mailscanner package in order to update clam. Just follow my instructions in earlier posts and you will have clam running in no time. Don't forget to delete the older clam as i have pointed out.
     
  16. cyberspirit

    cyberspirit BANNED

    Joined:
    Jun 27, 2003
    Messages:
    293
    Likes Received:
    0
    Trophy Points:
    0
    there was a problem with 0.67 and there is already a 0.67.1 out!
     
  17. bgfweb

    bgfweb Member

    Joined:
    Nov 19, 2003
    Messages:
    10
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    earth
    same instruction details for 0.67.1?
     
  18. The MAzTER

    The MAzTER Well-Known Member

    Joined:
    Jul 3, 2003
    Messages:
    106
    Likes Received:
    0
    Trophy Points:
    16
    i dont have that file

    only got

    freshclam -> ../../bin/freshclam*
     
  19. bman

    bman Well-Known Member

    Joined:
    Dec 28, 2003
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    yes
     
  20. SuperBaby

    SuperBaby Well-Known Member

    Joined:
    Nov 27, 2003
    Messages:
    331
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Thailand
    cPanel Access Level:
    Website Owner
    Twitter:
    If you downloaded and installed MailScanner from layer1.cpanel.net, ClamAV is installed under ~/mailscanner-autoinstall-1.5, and the clamscan folder is under ~/mailscanner-autoinstall-1.5/clamav-0.60 (for example). There is no need to delete it in this case. After all you can delete the old folder (in this case, clamav-0.60) after installation.

    Make sure you check the version after installation:

    clamscan -V (with the capital "V")
     
Loading...

Share This Page