Executive Summary
Summary | |
---|---|
Title | New clamav packages fix several vulnerabilities |
Informations | |||
---|---|---|---|
Name | DSA-1435 | First vendor Publication | 2007-12-19 |
Vendor | Debian | Last vendor Modification | 2007-12-19 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-6335 It was discovered that an integer overflow in the decompression code for MEW archives may lead to the execution of arbitrary code. CVE-2007-6336 It was discovered that on off-by-one in the MS-ZIP decompression code may lead to the execution of arbitrary code. For the stable distribution (etch), these problems have been fixed in version 0.90.1-3etch8. The old stable distribution (sarge) is not affected by these problems. However, since the clamav version from Sarge cannot process all current Clam malware signatures any longer, support for the ClamAV in Sarge is now discontinued. We recommend to upgrade the the stable distribution or run a backport of the stable version. The unstable distribution (sid) will be fixed soon. We recommend that you upgrade your clamav packages. |
Original Source
Url : http://www.debian.org/security/2007/dsa-1435 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
67 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:18352 | |||
Oval ID: | oval:org.mitre.oval:def:18352 | ||
Title: | DSA-1435-1 clamav | ||
Description: | Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1435-1 CVE-2007-6335 CVE-2007-6336 | Version: | 7 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | clamav |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2008-01-07 | ClamAV 0.91.2 libclamav MEW PE Buffer Overflow Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for clamav File : nvt/sles9p5012138.nasl |
2009-04-09 | Name : Mandriva Update for clamav MDVSA-2008:003 (clamav) File : nvt/gb_mandriva_MDVSA_2008_003.nasl |
2009-02-17 | Name : Fedora Update for clamav FEDORA-2008-0115 File : nvt/gb_fedora_2008_0115_clamav_fc8.nasl |
2009-02-17 | Name : Fedora Update for clamav FEDORA-2008-0170 File : nvt/gb_fedora_2008_0170_clamav_fc7.nasl |
2009-02-17 | Name : Fedora Update for clamav FEDORA-2008-3358 File : nvt/gb_fedora_2008_3358_clamav_fc7.nasl |
2009-02-17 | Name : Fedora Update for clamav FEDORA-2008-3420 File : nvt/gb_fedora_2008_3420_clamav_fc8.nasl |
2009-02-17 | Name : Fedora Update for clamav FEDORA-2008-6422 File : nvt/gb_fedora_2008_6422_clamav_fc8.nasl |
2009-02-17 | Name : Fedora Update for clamav FEDORA-2008-9651 File : nvt/gb_fedora_2008_9651_clamav_fc8.nasl |
2009-02-16 | Name : Fedora Update for clamav FEDORA-2008-1608 File : nvt/gb_fedora_2008_1608_clamav_fc7.nasl |
2009-02-16 | Name : Fedora Update for clamav FEDORA-2008-1625 File : nvt/gb_fedora_2008_1625_clamav_fc8.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200712-20 (clamav) File : nvt/glsa_200712_20.nasl |
2008-02-29 | Name : ClamAV < 0.93.1 vulnerability File : nvt/clamav-CB-A08-0001.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1435-1 (clamav) File : nvt/deb_1435_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
42295 | ClamAV libclamav cli_scanpe() MEW Packed PE File Handling Overflow |
42294 | ClamAV MS-ZIP Compressed CAB File Unspecified Arbitrary Code Execution |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | ClamAV MEW PE file integer overflow attempt RuleID : 13362 - Revision : 8 - Type : EXPLOIT |
2014-01-10 | ClamAV MEW PE file integer overflow attempt RuleID : 13361 - Revision : 13 - Type : FILE-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-003.nasl - Type : ACT_GATHER_INFO |
2008-03-19 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO |
2008-01-27 | Name : The remote Fedora host is missing a security update. File : fedora_2008-0115.nasl - Type : ACT_GATHER_INFO |
2008-01-27 | Name : The remote Fedora host is missing a security update. File : fedora_2008-0170.nasl - Type : ACT_GATHER_INFO |
2007-12-31 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200712-20.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1435.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote openSUSE host is missing a security update. File : suse_clamav-4832.nasl - Type : ACT_GATHER_INFO |
2007-12-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_clamav-4836.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:27:07 |
|