Executive Summary

Summary
Title New clamav packages fix denial of service
Informations
Name DSA-1660 First vendor Publication 2008-10-26
Vendor Debian Last vendor Modification 2008-10-26
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Several denial-of-service vulnerabilities have been discovered in the ClamAV anti-virus toolkit:

Insufficient checking for out-of-memory conditions results in null pointer derefences (CVE-2008-3912).

Incorrect error handling logic leads to memory leaks (CVE-2008-3913) and file descriptor leaks (CVE-2008-3914).

For the stable distribution (etch), these problems have been fixed in version 0.90.1dfsg-4etch15.

For the unstable distribution (sid) and the testing distribution (lenny), these problems have been fixed in version 0.94.dfsg-1.

We recommend that you upgrade your clamav package.

Original Source

Url : http://www.debian.org/security/2008/dsa-1660

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory Leak')
33 % CWE-399 Resource Management Errors
33 % CWE-200 Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17755
 
Oval ID: oval:org.mitre.oval:def:17755
Title: DSA-1660-1 clamav - denial of service
Description: Several denial-of-service vulnerabilities have been discovered in the ClamAV anti-virus toolkit:
Family: unix Class: patch
Reference(s): DSA-1660-1
CVE-2008-3912
CVE-2008-3913
CVE-2008-3914
 Version: 7
Platform(s): Debian GNU/Linux 4.0
 Product(s): clamav
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7878
 
Oval ID: oval:org.mitre.oval:def:7878
Title: DSA-1660 clamav -- null pointer dereference, resource exhaustion
Description: Several denial-of-service vulnerabilities have been discovered in the ClamAV anti-virus toolkit: Insufficient checking for out-of-memory conditions results in null pointer dereferences (CVE-2008-3912). Incorrect error handling logic leads to memory leaks (CVE-2008-3913) and file descriptor leaks (CVE-2008-3914).
Family: unix Class: patch
Reference(s): DSA-1660
CVE-2008-3912
CVE-2008-3913
CVE-2008-3914
 Version: 4
Platform(s): Debian GNU/Linux 4.0
 Product(s): clamav
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 112
Os 1

OpenVAS Exploits

Date Description
2010-05-12 Name : Mac OS X Security Update 2008-007
File : nvt/macosx_secupd_2008-007.nasl
2009-10-13 Name : SLES10: Security update for clamav
File : nvt/sles10_clamav.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5035180.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:189 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_189.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:189-1 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_189_1.nasl
2009-02-17 Name : Fedora Update for clamav FEDORA-2008-9644
File : nvt/gb_fedora_2008_9644_clamav_fc9.nasl
2009-02-17 Name : Fedora Update for clamav FEDORA-2008-9651
File : nvt/gb_fedora_2008_9651_clamav_fc8.nasl
2008-11-01 Name : Debian Security Advisory DSA 1660-1 (clamav)
File : nvt/deb_1660_1.nasl
2008-09-28 Name : Gentoo Security Advisory GLSA 200809-18 (clamav)
File : nvt/glsa_200809_18.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
48239 ClamAV error path File Descriptor Leak Multiple Unspecified Issue
48238 ClamAV freshclam/manager.c error path Unspecified Memory Consumption DoS
48237 ClamAV libclamav Unspecified Memory Exhaustion DoS

Nessus® Vulnerability Scanner

Date Description
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12236.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_clamav-080905.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-189.nasl - Type : ACT_GATHER_INFO
2008-12-11 Name : The remote antivirus service is affected by multiple issues.
File : clamav_0_94.nasl - Type : ACT_GATHER_INFO
2008-11-16 Name : The remote Fedora host is missing a security update.
File : fedora_2008-9644.nasl - Type : ACT_GATHER_INFO
2008-11-16 Name : The remote Fedora host is missing a security update.
File : fedora_2008-9651.nasl - Type : ACT_GATHER_INFO
2008-10-27 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1660.nasl - Type : ACT_GATHER_INFO
2008-10-10 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2008-007.nasl - Type : ACT_GATHER_INFO
2008-09-26 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200809-18.nasl - Type : ACT_GATHER_INFO
2008-09-11 Name : The remote openSUSE host is missing a security update.
File : suse_clamav-5578.nasl - Type : ACT_GATHER_INFO
2008-09-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_clamav-5579.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:27:57
  • Multiple Updates