[sanesecurity] Re: evil javascript - no signatures

  • From: Tom Shaw <tshaw@xxxxxxxx>
  • To: sanesecurity@xxxxxxxxxxxxx
  • Date: Wed, 3 Jun 2009 08:48:08 -0400

At 11:11 AM +0200 6/3/09, Andre Hübner wrote:

Hello,

last weeks some of my users are local hacked and ftp upload was abused.
In .html Files some javascripts were added. i do not really know what it does but my local scanner (avg) is alerting and this case was also reported from external users. I use clamav and some sanesecurity-signatures but this javascripts are not included. Is there a special DB for clamav which i can use to stop this javascripts? Or ist it possible to upload samples? I already did some signatures on my own (directmailer etc) but i would prefer professional sig-makers. 



Andre,
I'll take a look. I am sure Steve would like to also. Why don't you zip/gzip up the html and post a url for us to access. 

Tom

Other related posts:

  1. Home
  2. sanesecurity
  3. Archive
  4. 06-2009