/bin/bash

CAVL is showing the above as suspicious for the first time. I tried to submit the file but got an error when trying. Is this a false positive?

Leslie

Hi lesliek,

Thank you for reporting. Could you share with us screenshots of “CAVL is showing /bin/bash as suspicious” and “Error while you try to submit the file”?
Also, may I know your:

  1. Linux version?
  2. CAVL version?
  3. Can you reproduce the problem & if so how reliably?
  4. If you can, exact steps to reproduce. If not, exactly what you did & what happened.

Thanks
C.O.M.O.D.O RT

Thank you very much for taking the trouble to reply.

I am using Ubuntu 20.04.3 LTS.

I am using CAVL 1.1.268025.1 with virus signature database version 34205.

I apologise for being unable to figure out how to add an attachment to this post. However, I just ran a scan of /bin again and this is what I get re /bin/bash: threat name is Malware@#3bjpp54h0d0nu and risk is high.

After running that scan, I tried to submit my /bin/bash file, but this time I got the message “Already submitted”.

Some more information: after being told that my bash was a threat the first time, I deleted it and replaced it with the bash file on the CD from which I installed Ubuntu last year. It’s the bash that has never before been said by CAVL to be a threat. Obviously, I got the same result as I’d got with the deleted bash.

I installed ClamAV and updated its signatures. I ran it. It said my bash was OK.

I uploaded my bash file to VirusTotal. It reported no problem with my bash.

I hope that I’ve supplied the information you want. If not, please let me know what else you want and I’ll try to supply it.

Thanks again,

Leslie

Hi lesliek,

Thank you for providing the requested information. Let me check and get back to you.

Thanks

Thank you.

Hi lesliek,

The /bin/bash is a false positive. Could you update the AV DB to v34218 and check?
Let us know your feedback.

Thanks
C.O.M.O.D.O RT

I updated and checked. This time, there was no report of a threat.

Thank you very much for dealing with this for me.

Best wishes,

Leslie