cPanel

New cxs v2.17

Changes:

  • Added hdir:/quarantine_clamavconnector to the csf.ignore.example file
  • Improvements to php script detection where extension is not .php
  • Filetype detection speedups
  • Filetype differentiation between MS-DOS and MS Windows executables
  • Added new option –Wrefresh. To keep the cxs Watch daemon up to date, it will restart every 7 days by default. To change this interval, you can set B<--Wrefresh [days]>
  • Improvements to the decode regex
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v2.16

Changes:

  • Further improvements to the check for PHP code hidden in GIF image files for “hidden script file”, regex matching and decode scanning

New c

New cxs v2.14

Changes:

  • Improvements to the check for PHP code hidden in GIF image files for “hidden script file”, regex matching and decode scanning
  • Add link to the Changelog when cxs is upgraded
  • If an ignore file us used with cxs Watch daemon and the ignore file is modified, cxs Watch will reload the ignore file and restart the child processes. However, after making a large number of changes to the ignore file or if adding puser: or user: to the ignore file, the cxs Watch daemon should be manually restarted
  • Improved cxs Watch logging when suspicious file found and –Wloglevel set to 0
  • Exploit fingerprint definitions database additions

New ClamAV v0.97.1

This is a bugfix release recommended for all users. Please refer to theChangeLog file for details.Download : http://downloads.sourceforge.net/clamav/clamav-0.97.1.tar.gzPGP sig

New cxs v2.13

Changes:

  • During cxs Watch startup default to the POSIX locale to avoid error message ambiguity for intotify from the kernel
  • Improvements to –decode ([D]) option
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v2.12

Changes:

  • Improvements to –decode ([D]) option
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions

New cxs v2.11

Changes:

  • Further SECURITY improvements to Quarantine functionality
  • All cxs users should upgrade to this release immediately

New cxs v2.10

Changes:

  • Fixed a SECURITY BUG in Quarantine file restore which could result in root privilege escalation. The destination restore file must not now exist before restoring will work. Our thanks to Jeff Petersen for reporting this issue
  • All cxs users should upgrade to this release immediately

New cxs v2.09

Changes:

  • New –options [R]. It will trigger a match for the inbuilt regex used by –options [D] when decoding PHP encoded (base64, etc) scripts
  • Improvements to –decode ([D]) option so that both the last and the penultimate decode level are both scanned
  • Added improved code for dropping privileges to the “nobody” user while running the interactive php interpreter as root
  • Ensure Quarantine only works on files
  • Updated UI text for options
  • Removed duplicated regex definitions from the database now that –options [R] has been added. Be sure to add R to your –options lists if you specify them if you still want to trap these.

New cxs v2.08

Changes:

  • Removed code that dropped privileges to the “nobody” user while running the interactive php interpreter as it broke subsequent scanning at depth
  • Exploit regex definitions database additions
  • Exploit fingerprint definitions database additions