[Avcheck] avp corrupted file "daily.avc"

[Robert Dalton]

Hello !


I want to report a problem and solution for updating
avp base files.

Today after receiving the gone.scr worm we noticed
that avp was not loading daily.avc. Further inspection
showed that the file was corrupted at the download site: http://downloads1.kaspersky-labs.com/updates/


We run the update script from cron, and need to be
notified of a problem like this if it happens again. 

Below is our modified script for updating avp's bases;
It emails the admin if a problem is encountered updating
the base files.

Please include the modifications to the main distro/doc's 
for next avscan if possible.

#!/bin/sh

/var/spool/avp/kavupdater -y -o -kb -b=/var/spool/avp/bases \
-uik=http://www.kaspersky-labs.com/updates/ | tee /tmp/avptmp
if [ 0 -lt $(egrep -c "(not completed|corrupted)" /tmp/avptmp) ]
then
mail -s "AVP PROBLEM" root < /tmp/avptmp
fi
rm -f /tmp/avptmp
chmod 644 /var/spool/avp/bases/* > /dev/null
chmod 755 /var/spool/avp/bases   > /dev/null


Also I noticed another unrelated minor problem in that
the kavupdate binary doesn't output to errors to stderr.


Thanks,

Robert Dalton
AccessWest.com
support@accesswest.com