WHM clamav outdated

[aww]

Hi, I followed your helpful directions (identical to message #40 here)
and after it finishes I tried a clamd --v and got:

exim started ok
[/usr/local/cpanel/modules-install/clamavconnector-Linux-i686]# clamd --v
-bash: /usr/sbin/clamd: No such file or directory

did I do something wrong?

UPDATE: my mistake - I thought I had gotten 0.92 and apparently it was 0.92.1
I just updated the version numbers inside INSTALL2 and it worked fine

Thanks for the help!

 

[Bdzzld]

# cd /usr/local/cpanel/modules-install/clamavconnector-Linux-i686
# wget http://freshmeat.net/redir/clamav/29355/url_tgz/clamav-0.92.tar.gz
# cp install install2
# chmod 755 install2

Note: If you're using the x86_64 version, the path would be :

/usr/local/cpanel/modules-install/clamavconnector-Linux-x86_64

Radio_Head's further steps work the same though.

 

[betoranaldi]

Note: If you're using the x86_64 version, the path would be :

/usr/local/cpanel/modules-install/clamavconnector-Linux-x86_64

Radio_Head's further steps work the same though.

Just wanted to post my experience upgrading on an x86 system.

After following the procedure described by Radio_Head (using the directory /usr/local/cpanel/modules-install/clamavconnector-Linux-x86_64 and updating the wgets and install2 with the latest version number) when I tried to run clamav, I would get the following error:

clamd: error while loading shared libraries: libclamav.so.3: cannot open shared object file: No such file or directory

In order to correct this I ran the "ldconfig" command as root.

After that ran, everything worked as intended.

 

[webadmin]

clamav outdated issue

Just wanted to post my experience upgrading on an my centos system.

After following the procedure described by Radio_Head clamav0.92.1 installed successfully but only problem i have got is: from whm-plugins-clamav scanner configuration options give error like its uanble to find the cgi directory.

but after get back to 0.91.2 the options came to normal again
ClamAV Scanner Configuration
Scans Allowed Globally

Allow the following ClamAV scans to be run for all users:

Scan Entire Home Directory
Scan Mail
Scan Public FTP Space
Scan Public Web Space
ClamAV Scanner User Configuration

Configure ClamAV Scanner for individual users:

 

[Frank Broughton]

Thanks Radio Head, as usual, your procedure works! My system is updated to 0.92.1 now.

Sure wish someone at cPanel would be on top of this. It is not like the cPanel is freeware! Version 11 is a great product - not complaining, just wondering out loud why a simple thing as keeping an addon av updated is not a priority?

 

[jandafields]

I am getting LN errors:

`html/clamavconnector/cleanstyle.css' -> `/usr/local/cpanel/base/frontend/x/clamavconnector/cleanstyle.css'
`html/clamavconnector/index.html' -> `/usr/local/cpanel/base/frontend/x/clamavconnector/index.html'
`html/clamavconnector/blank.html' -> `/usr/local/cpanel/base/frontend/x/clamavconnector/blank.html'
ln: `./clamavconnector': File exists
mkdir: cannot create directory `/usr/local/cpanel/base/frontend/x/cells/': File exists
`cells/clamavconnector.html' -> `/usr/local/cpanel/base/frontend/x/cells/clamavconnector.html'
ln: `./cells': File exists
./install2: line 129: [: !-e: unary operator expected
`whmaddons/clamavconnector' -> `/usr/local/cpanel/whostmgr/addonsfeatures/clamavconnector'
`addon_clamavconnector.cgi' -> `/usr/local/cpanel/whostmgr/docroot/cgi/addon_clamavconnector.cgi'
zlib version checking was disabled. zlib versions <= 1.2.1 have a know security vulnerability
See http://www.zlib.net/ for more information

 

[foobarwith]

Thanks for this share.

 

[TopOTheMorning]

ClamAV Upack Processing Buffer Overflow Vulnerability

ClamAV Upack Processing Buffer Overflow Vulnerability

Severity: Highly critical
Impact: System access
Where: From remote

A vulnerability has been identified in Clam AntiVirus (ClamAV), which could be exploited by remote attackers or malware to cause a denial of service or take complete control of an affected system. This issue is caused by a buffer overflow error in the "cli_scanpe()" [libclamav/pe.c] function when processing a specially crafted "Upack" executable, which could be exploited by attackers to execute arbitrary commands by tricking a vulnerable application into scanning a specially crafted file.

The vulnerability is confirmed in versions 0.92 and 0.92.1. Prior versions may also be affected.

http://secunia.com/advisories/29000/

How do I ensure my installation of ClamAV is updated, and why isn't CPanel/WHM doing this automatically?

Thanks in advance!

 

[nyjimbo]

Clamav 0.93 is out.

http://www.clamav.net/

 

[Bdzzld]

Solution:
An updated version should be available shortly. The PE scanning module has been remotely switched off after 10/03/2008.

Do not scan untrusted PE files.

Nothing to worry about as it may seem. The vulnerability has been disabled about a month ago.
Time to upgrade 0.92.1 to 0.93 I guess. Any one already done this successfully?

 

[furquan]

follow the instructinos here for upgrade

http://www.configserver.com/cp/upgrade.html

Chirpy is the best !!!!

On a side note, does any one know how to uninstal clamAV ?

 

[Bdzzld]

furquan, the same has already been added to this thread a few years ago (second post) and does not upgrade, but installs a new version. Please follow the guidelines as described later to upgrade...

 

[Lestat]

cdiff.o(.text+0x1a37): In function `cdiff_apply':
../shared/cdiff.c:984: undefined reference to `gzdopen'
cdiff.o(.text+0x1a71):../shared/cdiff.c:994: undefined reference to `gzgets'
cdiff.o(.text+0x1b8d):../shared/cdiff.c:1016: undefined reference to `gzclose'
cdiff.o(.text+0x1bc4):../shared/cdiff.c:1010: undefined reference to `gzclose'
tar.o(.text+0xd2): In function `tar_addfile':
../shared/tar.c:82: undefined reference to `gzwrite'
tar.o(.text+0x107):../shared/tar.c:95: undefined reference to `gzwrite'
tar.o(.text+0x1c2):../shared/tar.c:111: undefined reference to `gzwrite'
manager.o(.text+0xf24): In function `buildcld':
/usr/src/clamav-0.93/freshclam/manager.c:913: undefined reference to `gzclose'
manager.o(.text+0xf59):/usr/src/clamav-0.93/freshclam/manager.c:884: undefined reference to `gzopen'
manager.o(.text+0x108d):/usr/src/clamav-0.93/freshclam/manager.c:932: undefined reference to `gzclose'
manager.o(.text+0x10d5):/usr/src/clamav-0.93/freshclam/manager.c:944: undefined reference to `gzclose'
collect2: ld returned 1 exit status
make[2]: *** [freshclam] Error 1
make[2]: Leaving directory `/usr/src/clamav-0.93/freshclam'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/src/clamav-0.93'
make: *** [all] Error 2







Making install in freshclam
make[1]: Entering directory `/usr/src/clamav-0.93/freshclam'
/bin/sh ../libtool --tag=CC --mode=link gcc -g -O2 -o freshclam output.o cfgparser.o getopt.o misc.o options.o sha256.o cdiff.o tar.o freshclam.o manager.o notify.o dns.o execute.o nonblock.o mirman.o ../libclamav/libclamav.la -lresolv -lpthread
gcc -g -O2 -o .libs/freshclam output.o cfgparser.o getopt.o misc.o options.o sha256.o cdiff.o tar.o freshclam.o manager.o notify.o dns.o execute.o nonblock.o mirman.o ../libclamav/.libs/libclamav.so -lresolv -lpthread -Wl,--rpath -Wl,/usr/local/lib
cdiff.o(.text+0x1a37): In function `cdiff_apply':
../shared/cdiff.c:984: undefined reference to `gzdopen'
cdiff.o(.text+0x1a71):../shared/cdiff.c:994: undefined reference to `gzgets'
cdiff.o(.text+0x1b8d):../shared/cdiff.c:1016: undefined reference to `gzclose'
cdiff.o(.text+0x1bc4):../shared/cdiff.c:1010: undefined reference to `gzclose'
tar.o(.text+0xd2): In function `tar_addfile':
../shared/tar.c:82: undefined reference to `gzwrite'
tar.o(.text+0x107):../shared/tar.c:95: undefined reference to `gzwrite'
tar.o(.text+0x1c2):../shared/tar.c:111: undefined reference to `gzwrite'
manager.o(.text+0xf24): In function `buildcld':
/usr/src/clamav-0.93/freshclam/manager.c:913: undefined reference to `gzclose'
manager.o(.text+0xf59):/usr/src/clamav-0.93/freshclam/manager.c:884: undefined reference to `gzopen'
manager.o(.text+0x108d):/usr/src/clamav-0.93/freshclam/manager.c:932: undefined reference to `gzclose'
manager.o(.text+0x10d5):/usr/src/clamav-0.93/freshclam/manager.c:944: undefined reference to `gzclose'
collect2: ld returned 1 exit status
make[1]: *** [freshclam] Error 1
make[1]: Leaving directory `/usr/src/clamav-0.93/freshclam'
make: *** [install-recursive] Error 1
ClamAV update process started at Tue Apr 15 12:37:22 2008
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.92.1 Recommended version: 0.93
DON'T PANIC! Read http://www.clamav.net/support/faq
main.inc is up to date (version: 46, sigs: 231834, f-level: 26, builder: sven)
daily.inc is up to date (version: 6781, sigs: 24599, f-level: 26, builder: ccordes)
`contrib/init/RedHat/clamd' -> `/etc/init.d/clamd'
Stopping clamd: [FAILED]
Starting clamd: ERROR: Please define server type (local and/or TCP).
[FAILED]


any idea how to fix? I look in the clamd.conf and it is empty...

 

[Lestat]

Using ConfigServer Services in whm and I also tried installing manually as well.

 

[Lestat]

Apparently RE4 is having this issue with zlib.
I just ran this command:

mv /usr/local/lib/libz.a /usr/local/lib/libz.a.backup

Then ran update again and it fixed it. I renamed file back to origanal state. Wasn't sure if it was needed.

mv /usr/local/lib/libz.a.backup /usr/local/lib/libz.a

service clamd restart

Now works..

 

[Bdzzld]

The following steps ran smoothly on a box running CenOS4.6 x86_64 :

for i686 :

# cd /usr/local/cpanel/modules-install/clamavconnector-Linux-i686

for x86_64 :

# cd /usr/local/cpanel/modules-install/clamavconnector-Linux-x86_64

then :

# rm clamav-0.*
# wget http://downloads.sourceforge.net/clamav/clamav-0.93.tar.gz
# rm install2
# cp install install2
# chmod 755 install2

now check your clamd version

# clamd -V

for example it returns 0.92.1

now :

# vi install2

and replace :

AVVOLD=0.92.1
with your current version

and :

AVV with newer version (get it correctly from the clamav file downloaded above)

so you should have this :

AVV=0.93
AVVOLD=0.92.1

Save

Now execute

#./install2

Done (Slightly adopted from prev. posts)

 

[ManojB]

Hello Lestat,

Thank you for the fix

 

[Lestat]

Hello Lestat,

Thank you for the fix

No Problem took me 2 days to figure that one out.

 

[kemis]

Lestat,

I also wanted to express my sincerest thanks for the "mv" fix! I posted a few comments on Chirpy's blog asking for help, but they were never moderated. :-(

Anyway, after mv'ing that file, performing a quick /scripts/upcp, then running the clamav forced upgrade from Chirpy's MSFE WHM addon, it all works again!

Matt

 

[Lestat]

Lestat,

I also wanted to express my sincerest thanks for the "mv" fix! I posted a few comments on Chirpy's blog asking for help, but they were never moderated. :-(

Anyway, after mv'ing that file, performing a quick /scripts/upcp, then running the clamav forced upgrade from Chirpy's MSFE WHM addon, it all works again!

Matt

Thanks Kemis I did the same thing as well it was never posted either. I went on to discover my own fix. Sure enough it worked... was driving me nutz with emails rolling in.