Erm… ClamAV daemon can be shutdown with a simple SHUTDOWN command

calderpwn General

A few days ago @nitr0us made some noise with something he found. It turns out that is possible to shutdown a ClamAV server by simply shoving over ‘SHUTDOWN’ to tcp port 3310. Although it is not recommended, of course people expose their instances so a NSE script had to be created 😉

Now included in the official repository: clamav-exec

calderpwn

Infosec consultant | Software dev | Open Source contributor | Nmap developer | PacktPub & Pluralsight author | Chapter leader of OWASP Riviera Maya

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.