aww

Well-Known Member
Feb 10, 2005
152
0
166
cPanel Access Level
Root Administrator
Hi, I followed your helpful directions (identical to message #40 here)
and after it finishes I tried a clamd --v and got:

exim started ok
[/usr/local/cpanel/modules-install/clamavconnector-Linux-i686]# clamd --v
-bash: /usr/sbin/clamd: No such file or directory
did I do something wrong? :(

UPDATE: my mistake - I thought I had gotten 0.92 and apparently it was 0.92.1
I just updated the version numbers inside INSTALL2 and it worked fine


Thanks for the help!
 
Last edited:

betoranaldi

Well-Known Member
Dec 5, 2007
105
0
66
Note: If you're using the x86_64 version, the path would be :

/usr/local/cpanel/modules-install/clamavconnector-Linux-x86_64

Radio_Head's further steps work the same though.
Just wanted to post my experience upgrading on an x86 system.

After following the procedure described by Radio_Head (using the directory /usr/local/cpanel/modules-install/clamavconnector-Linux-x86_64 and updating the wgets and install2 with the latest version number) when I tried to run clamav, I would get the following error:

clamd: error while loading shared libraries: libclamav.so.3: cannot open shared object file: No such file or directory

In order to correct this I ran the "ldconfig" command as root.

After that ran, everything worked as intended.
 

webadmin

Member
Aug 27, 2006
5
0
151
clamav outdated issue

Just wanted to post my experience upgrading on an my centos system.

After following the procedure described by Radio_Head clamav0.92.1 installed successfully but only problem i have got is: from whm-plugins-clamav scanner configuration options give error like its uanble to find the cgi directory.

but after get back to 0.91.2 the options came to normal again
ClamAV Scanner Configuration
Scans Allowed Globally

Allow the following ClamAV scans to be run for all users:

Scan Entire Home Directory
Scan Mail
Scan Public FTP Space
Scan Public Web Space
ClamAV Scanner User Configuration

Configure ClamAV Scanner for individual users:
 

Frank Broughton

Active Member
Feb 8, 2006
32
0
156
Thanks Radio Head, as usual, your procedure works! My system is updated to 0.92.1 now.

Sure wish someone at cPanel would be on top of this. It is not like the cPanel is freeware! Version 11 is a great product - not complaining, just wondering out loud why a simple thing as keeping an addon av updated is not a priority?
 
Last edited:

jandafields

Well-Known Member
May 6, 2004
436
6
168
USA
cPanel Access Level
Root Administrator
I am getting LN errors:

Code:
`html/clamavconnector/cleanstyle.css' -> `/usr/local/cpanel/base/frontend/x/clamavconnector/cleanstyle.css'
`html/clamavconnector/index.html' -> `/usr/local/cpanel/base/frontend/x/clamavconnector/index.html'
`html/clamavconnector/blank.html' -> `/usr/local/cpanel/base/frontend/x/clamavconnector/blank.html'
ln: `./clamavconnector': File exists
mkdir: cannot create directory `/usr/local/cpanel/base/frontend/x/cells/': File exists
`cells/clamavconnector.html' -> `/usr/local/cpanel/base/frontend/x/cells/clamavconnector.html'
ln: `./cells': File exists
./install2: line 129: [: !-e: unary operator expected
`whmaddons/clamavconnector' -> `/usr/local/cpanel/whostmgr/addonsfeatures/clamavconnector'
`addon_clamavconnector.cgi' -> `/usr/local/cpanel/whostmgr/docroot/cgi/addon_clamavconnector.cgi'
zlib version checking was disabled. zlib versions <= 1.2.1 have a know security vulnerability
See http://www.zlib.net/ for more information
 

TopOTheMorning

Registered
Sep 8, 2007
4
0
51
ClamAV Upack Processing Buffer Overflow Vulnerability

ClamAV Upack Processing Buffer Overflow Vulnerability

Severity: Highly critical
Impact: System access
Where: From remote

A vulnerability has been identified in Clam AntiVirus (ClamAV), which could be exploited by remote attackers or malware to cause a denial of service or take complete control of an affected system. This issue is caused by a buffer overflow error in the "cli_scanpe()" [libclamav/pe.c] function when processing a specially crafted "Upack" executable, which could be exploited by attackers to execute arbitrary commands by tricking a vulnerable application into scanning a specially crafted file.

The vulnerability is confirmed in versions 0.92 and 0.92.1. Prior versions may also be affected.

http://secunia.com/advisories/29000/
How do I ensure my installation of ClamAV is updated, and why isn't CPanel/WHM doing this automatically?

Thanks in advance!
 

Bdzzld

Well-Known Member
Apr 3, 2004
412
5
168
Solution:
An updated version should be available shortly. The PE scanning module has been remotely switched off after 10/03/2008.

Do not scan untrusted PE files.
Nothing to worry about as it may seem. The vulnerability has been disabled about a month ago.
Time to upgrade 0.92.1 to 0.93 I guess. Any one already done this successfully?
 

Bdzzld

Well-Known Member
Apr 3, 2004
412
5
168
furquan, the same has already been added to this thread a few years ago (second post) and does not upgrade, but installs a new version. Please follow the guidelines as described later to upgrade...
 
Last edited:

Lestat

Well-Known Member
Sep 13, 2003
199
0
166
cdiff.o(.text+0x1a37): In function `cdiff_apply':
../shared/cdiff.c:984: undefined reference to `gzdopen'
cdiff.o(.text+0x1a71):../shared/cdiff.c:994: undefined reference to `gzgets'
cdiff.o(.text+0x1b8d):../shared/cdiff.c:1016: undefined reference to `gzclose'
cdiff.o(.text+0x1bc4):../shared/cdiff.c:1010: undefined reference to `gzclose'
tar.o(.text+0xd2): In function `tar_addfile':
../shared/tar.c:82: undefined reference to `gzwrite'
tar.o(.text+0x107):../shared/tar.c:95: undefined reference to `gzwrite'
tar.o(.text+0x1c2):../shared/tar.c:111: undefined reference to `gzwrite'
manager.o(.text+0xf24): In function `buildcld':
/usr/src/clamav-0.93/freshclam/manager.c:913: undefined reference to `gzclose'
manager.o(.text+0xf59):/usr/src/clamav-0.93/freshclam/manager.c:884: undefined reference to `gzopen'
manager.o(.text+0x108d):/usr/src/clamav-0.93/freshclam/manager.c:932: undefined reference to `gzclose'
manager.o(.text+0x10d5):/usr/src/clamav-0.93/freshclam/manager.c:944: undefined reference to `gzclose'
collect2: ld returned 1 exit status
make[2]: *** [freshclam] Error 1
make[2]: Leaving directory `/usr/src/clamav-0.93/freshclam'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/usr/src/clamav-0.93'
make: *** [all] Error 2







Making install in freshclam
make[1]: Entering directory `/usr/src/clamav-0.93/freshclam'
/bin/sh ../libtool --tag=CC --mode=link gcc -g -O2 -o freshclam output.o cfgparser.o getopt.o misc.o options.o sha256.o cdiff.o tar.o freshclam.o manager.o notify.o dns.o execute.o nonblock.o mirman.o ../libclamav/libclamav.la -lresolv -lpthread
gcc -g -O2 -o .libs/freshclam output.o cfgparser.o getopt.o misc.o options.o sha256.o cdiff.o tar.o freshclam.o manager.o notify.o dns.o execute.o nonblock.o mirman.o ../libclamav/.libs/libclamav.so -lresolv -lpthread -Wl,--rpath -Wl,/usr/local/lib
cdiff.o(.text+0x1a37): In function `cdiff_apply':
../shared/cdiff.c:984: undefined reference to `gzdopen'
cdiff.o(.text+0x1a71):../shared/cdiff.c:994: undefined reference to `gzgets'
cdiff.o(.text+0x1b8d):../shared/cdiff.c:1016: undefined reference to `gzclose'
cdiff.o(.text+0x1bc4):../shared/cdiff.c:1010: undefined reference to `gzclose'
tar.o(.text+0xd2): In function `tar_addfile':
../shared/tar.c:82: undefined reference to `gzwrite'
tar.o(.text+0x107):../shared/tar.c:95: undefined reference to `gzwrite'
tar.o(.text+0x1c2):../shared/tar.c:111: undefined reference to `gzwrite'
manager.o(.text+0xf24): In function `buildcld':
/usr/src/clamav-0.93/freshclam/manager.c:913: undefined reference to `gzclose'
manager.o(.text+0xf59):/usr/src/clamav-0.93/freshclam/manager.c:884: undefined reference to `gzopen'
manager.o(.text+0x108d):/usr/src/clamav-0.93/freshclam/manager.c:932: undefined reference to `gzclose'
manager.o(.text+0x10d5):/usr/src/clamav-0.93/freshclam/manager.c:944: undefined reference to `gzclose'
collect2: ld returned 1 exit status
make[1]: *** [freshclam] Error 1
make[1]: Leaving directory `/usr/src/clamav-0.93/freshclam'
make: *** [install-recursive] Error 1
ClamAV update process started at Tue Apr 15 12:37:22 2008
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.92.1 Recommended version: 0.93
DON'T PANIC! Read http://www.clamav.net/support/faq
main.inc is up to date (version: 46, sigs: 231834, f-level: 26, builder: sven)
daily.inc is up to date (version: 6781, sigs: 24599, f-level: 26, builder: ccordes)
`contrib/init/RedHat/clamd' -> `/etc/init.d/clamd'
Stopping clamd: [FAILED]
Starting clamd: ERROR: Please define server type (local and/or TCP).
[FAILED]


any idea how to fix? I look in the clamd.conf and it is empty...
 

Lestat

Well-Known Member
Sep 13, 2003
199
0
166
Using ConfigServer Services in whm and I also tried installing manually as well.
 

Lestat

Well-Known Member
Sep 13, 2003
199
0
166
Apparently RE4 is having this issue with zlib.
I just ran this command:

mv /usr/local/lib/libz.a /usr/local/lib/libz.a.backup

Then ran update again and it fixed it. I renamed file back to origanal state. Wasn't sure if it was needed.

mv /usr/local/lib/libz.a.backup /usr/local/lib/libz.a

service clamd restart

Now works..
 
Last edited:

Bdzzld

Well-Known Member
Apr 3, 2004
412
5
168
The following steps ran smoothly on a box running CenOS4.6 x86_64 :

for i686 :
Code:
# cd /usr/local/cpanel/modules-install/clamavconnector-Linux-i686
for x86_64 :
Code:
# cd /usr/local/cpanel/modules-install/clamavconnector-Linux-x86_64
then :
Code:
# rm clamav-0.*
# wget http://downloads.sourceforge.net/clamav/clamav-0.93.tar.gz
# rm install2
# cp install install2
# chmod 755 install2
now check your clamd version
Code:
# clamd -V
for example it returns 0.92.1

now :
Code:
# vi install2
and replace :

AVVOLD=0.92.1
with your current version

and :

AVV with newer version (get it correctly from the clamav file downloaded above)

so you should have this :
Code:
AVV=0.93
AVVOLD=0.92.1
Save

Now execute
Code:
#./install2
Done :) (Slightly adopted from prev. posts)
 
Last edited:

kemis

Well-Known Member
Feb 17, 2005
104
0
166
Georgetown, TX
Lestat,

I also wanted to express my sincerest thanks for the "mv" fix! I posted a few comments on Chirpy's blog asking for help, but they were never moderated. :-(

Anyway, after mv'ing that file, performing a quick /scripts/upcp, then running the clamav forced upgrade from Chirpy's MSFE WHM addon, it all works again!

Matt
 

Lestat

Well-Known Member
Sep 13, 2003
199
0
166
Lestat,

I also wanted to express my sincerest thanks for the "mv" fix! I posted a few comments on Chirpy's blog asking for help, but they were never moderated. :-(

Anyway, after mv'ing that file, performing a quick /scripts/upcp, then running the clamav forced upgrade from Chirpy's MSFE WHM addon, it all works again!

Matt
Thanks Kemis I did the same thing as well it was never posted either. I went on to discover my own fix. Sure enough it worked... was driving me nutz with emails rolling in.