Masu haɓakawa Cisco ya bayyana ta hanyar nuncio da 'yanci la sabon gyaran sigar kyautar kunshin riga-kafi na ClamAV 0.102.4 don magance raunin abubuwa uku waɗanda zasu iya ba da izinin tsarawa ko kawar da fayilolin son kai cikin tsarin.
Ga wadanda basu sani ba ClamAV ya kamata ka sani cewa wannan haka take riga-kafi mai budewa da kuma yawaitar abubuwa (Yana da siga don Windows, GNU / Linux, BSD, Solaris, Mac OS X da sauran tsarin aiki irin na Unix).
ClamAV yana ba da wasu kayan aikin riga-kafi musamman waɗanda aka tsara musamman don binciken imel. Gine-ginen ClamAV yana iya daidaitawa kuma yana da sassauƙa ta hanyar tsarin zaren da yawa.
Yana da mai kulawa mai ƙarfi wanda aka haɗa tare da layin umarni da kayan aikin don sabunta ɗakunan bayanan ta atomatik.
Babban burin ClamAV shine cin nasarar saitin kayan aikin da Gano da toshe malware daga email. Daya daga cikin mahimman bayanai a cikin wannan nau'in software shine azumi wuri da sanya shi a cikin kayan aikin sabbin ƙwayoyin cuta waɗanda aka samo da kuma leka.
Ana samun wannan ta hanyar haɗin gwiwar dubban masu amfani waɗanda ke amfani da ClamAv da shafuka kamar Virustotal.com waɗanda ke ba da ƙwayoyin cuta da aka bincika.
Menene sabo a ClamAV 0.102.4?
A cikin wannan sabon sigar na ClamAV 0.102.4 masu haɓakawa gabatar da mafita ga kasawa uku masu tsanani da aka gano.
Na farkonsu ya zama tambarin CVE-2020-3350, yana ba da damar wani maharin gida mara izini don aiwatar da cire fayil ko motsi a kan tsarin. Wannan mummunan aibi ne, tunda misali, yana iya ba maharin damar share adireshin / sauransu / passwd ba tare da izinin izini ba.
Rashin lafiyar ya samo asali ne sakamakon yanayin tsere wanda yake faruwa yayin yin fayilolin ɓarna kuma ya ba mai amfani da damar yin amfani da harsashi a kan tsarin ya ɓoye kundin adireshin da aka nufa don yin sikanin tare da alamomin alama da ke nuna wata hanyar daban.
Alal misali, - wani maƙiyi na iya ƙirƙirar kundin adireshi da loda fayil tare da sa hannu kan kwayar cutar gwajin, suna sunan wannan fayil din "passwd".
Bayan fara shirin gano cutar, amma kafin share fayil ɗin matsalar, zaka iya maye gurbin kundin adireshin "amfani" tare da hanyar haɗin alama wanda ke nuni zuwa kundin adireshin "/ sauransu", wanda zai sa riga-kafi ya share fayil ɗin / sauransu / passwd. Raunin yanayin yana bayyana ne kawai yayin amfani da clamscan, clamdscan da clamonacc tare da zaɓi "–move" ko "–remove".
Sauran matsalolin rashin daidaito waɗanda aka gyara CVE-2020-3327, CVE-2020-3481, ba da izinin hana sabis ta hanyar canja fayilolin da aka tsara na musamman, wanda aikinsa zai haifar da durkushewar aikin binciken a cikin matakan don nazarin fayiloli a cikin tsarin ARJ da EGG.
Idan kanaso ka kara sani game da shi, zaka iya duba mahaɗin mai zuwa.
Yadda ake girka ClamAV akan Linux?
Ga waɗanda suke da sha'awar iya shigar da wannan riga-kafi akan tsarin su, za su iya yin sa ta hanya mai sauƙi kuma hakan shine Ana samun ClamAV a cikin wuraren ajiyar yawancin rarraba Linux.
Game da Ubuntu da dangogin sa, zaku iya girka shi daga tashar jirgin ruwa ko daga cibiyar software.
Don samun damar girkawa daga tashar zasu bude daya akan tsarin su (zaka iya yin ta da gajeriyar hanyar Ctrl + Alt T) kuma a ciki kawai zasu buga umarnin mai zuwa:
sudo apt-get install clamav
Ga lamarin wadanda suke Arch Linux masu amfani da Kalam:
sudo pacman-S clamav
Yayinda ga wadanda suke amfani Fedora da Kalam
sudo dnf install clamav
OpenSUSE
sudo zypper install clamav
Kuma a shirye tare da shi, zasu girka wannan riga-kafi akan tsarin su. Yanzu kamar yadda a cikin duk riga-kafi, ClamAV shima yana da matattarar bayanai wanda zazzage shi kuma ya ɗauka don yin kwatancen a cikin fayil ɗin "ma'anar". Wannan fayil ɗin jeren ne wanda ke sanar da na'urar daukar hoto game da abubuwan tambaya.
Kowane lokaci haka yana da mahimmanci don iya sabunta wannan fayil ɗin, wanda zamu iya sabuntawa daga tashar, don yin wannan kawai aiwatarwa:
sudo freshclam