CentOS - Nov 2006 - Exploit

////usr/lib/kde3/kfile_ps.so: Exploit.Linux.Gv FOUND
////usr/lib/kde3/gsthumbnail.so: Exploit.Linux.Gv FOUND
////usr/lib/libgs.so.7.07: Exploit.Linux.Gv FOUND
////usr/lib/libkghostviewlib.so.0.0.0: Exploit.Linux.Gv FOUND

I start the procmail process and a mail with those lines appears on my
inbox (with subject "Virus found"), i'm running  clamd too, but i
dont
know if this files could be infected by a virus

On Tue, 2006-11-14 at 09:00 -0300, Departamento de Informatica
wrote:
> ////usr/lib/kde3/kfile_ps.so: Exploit.Linux.Gv FOUND
> ////usr/lib/kde3/gsthumbnail.so: Exploit.Linux.Gv FOUND
> ////usr/lib/libgs.so.7.07: Exploit.Linux.Gv FOUND
> ////usr/lib/libkghostviewlib.so.0.0.0: Exploit.Linux.Gv FOUND
> 
> I start the procmail process and a mail with those lines appears on my
> inbox (with subject "Virus found"), i'm running  clamd too,
but i dont
> know if this files could be infected by a virus
----
try...

rpm -V ghostscript

and see if anything has changed from the original installation

Craig

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Nov 14, 2006 at 09:00:41AM -0300, Departamento de Informatica
wrote:
> ////usr/lib/kde3/kfile_ps.so: Exploit.Linux.Gv FOUND
> ////usr/lib/kde3/gsthumbnail.so: Exploit.Linux.Gv FOUND
> ////usr/lib/libgs.so.7.07: Exploit.Linux.Gv FOUND
> ////usr/lib/libkghostviewlib.so.0.0.0: Exploit.Linux.Gv FOUND
> 
> I start the procmail process and a mail with those lines appears on my
> inbox (with subject "Virus found"), i'm running  clamd too,
but i dont
> know if this files could be infected by a virus
False positive.

clamav devel-20060426 will correctly detect is as a clean file.

[]s

- -- 
Rodrigo Barbosa
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFWdoXpdyWzQ5b5ckRAuAcAKCQs+AoaGARWf1Dxblwxh+CW2cDXQCfdXlJ
Lz/p7oI65Yalz5lPzk9nr4w=8Cmw
-----END PGP SIGNATURE-----