Executive Summary

Summary
TitleNew clamav packages fix several vulnerabilities
Informations
NameDSA-1771First vendor Publication2009-04-15
VendorDebianLast vendor Modification2009-04-15
Severity (Vendor) N/ARevision1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score7.8Attack RangeNetwork
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Several vulnerabilities have been discovered in the ClamAV anti-virus toolkit:

CVE-2008-6680

Attackers can cayse a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error.

CVE-2009-1270

Attackers can cause a denial of service (infinite loop) via a crafted tar file that causes (1) clamd and (2) clamscan to hang.

(no CVE Id yet)

Attackers can cause a denial of service (crash) via a crafted EXE file that crashes the UPack unpacker.

For the old stable distribution (etch), these problems have been fixed in version 0.90.1dfsg-4etch19.

For the stable distribution (lenny), these problems have been fixed in version 0.94.dfsg.2-1lenny2.

For the unstable distribution (sid), these problems have been fixed in version 0.95.1+dfsg-1.

We recommend that you upgrade your clamav packages.

Original Source

Url : http://www.debian.org/security/2009/dsa-1771

CWE : Common Weakness Enumeration

idName
CWE-189Numeric Errors
CWE-94Failure to Control Generation of Code ('Code Injection')
CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Application99
Application1
Application1
Application3

OpenVAS Exploits

DateDescription
2010-05-12Name : Mac OS X Security Update 2009-005
File : nvt/macosx_secupd_2009-005.nasl
2009-12-14Name : Mandriva Security Advisory MDVSA-2009:327 (clamav)
File : nvt/mdksa_2009_327.nasl
2009-10-10Name : SLES9: Security update for ClamAV
File : nvt/sles9p5048232.nasl
2009-09-15Name : Gentoo Security Advisory GLSA 200909-04 (clamav)
File : nvt/glsa_200909_04.nasl
2009-04-30Name : ClamAV Denial of Service Vulnerability (Linux)
File : nvt/secpod_clamav_dos_vuln_lin.nasl
2009-04-30Name : ClamAV Denial of Service Vulnerability (Win)
File : nvt/secpod_clamav_dos_vuln_win.nasl
2009-04-28Name : Mandrake Security Advisory MDVSA-2009:097 (clamav)
File : nvt/mdksa_2009_097.nasl
2009-04-23Name : ClamAV Multiple Vulnerabilities (Linux)
File : nvt/gb_clamav_mult_vuln_apr09_lin.nasl
2009-04-23Name : ClamAV Multiple Vulnerabilities (Win)
File : nvt/gb_clamav_mult_vuln_apr09_win.nasl
2009-04-20Name : Debian Security Advisory DSA 1771-1 (clamav)
File : nvt/deb_1771_1.nasl
2009-04-15Name : Ubuntu USN-754-1 (clamav)
File : nvt/ubuntu_754_1.nasl
2009-04-15Name : Ubuntu USN-756-1 (clamav)
File : nvt/ubuntu_756_1.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
53602ClamAV Malformed UPack Packed File Handling DoS
53598ClamAV --detect-broken Option PE File Handling DoS
53461ClamAV libclamav/untar.c clamd / clamscan Infinite Loop DoS

Nessus® Vulnerability Scanner

DateDescription
2009-12-09Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-327.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12402.nasl - Type : ACT_GATHER_INFO
2009-09-11Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2009-005.nasl - Type : ACT_GATHER_INFO
2009-09-10Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200909-04.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote SuSE system is missing a security patch for clamav
File : suse_11_1_clamav-090416.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote SuSE system is missing a security patch for clamav
File : suse_11_0_clamav-090417.nasl - Type : ACT_GATHER_INFO
2009-04-27Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-097.nasl - Type : ACT_GATHER_INFO
2009-04-27Name : The remote SuSE system is missing the security patch clamav-6201
File : suse_clamav-6201.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-754-1.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-756-1.nasl - Type : ACT_GATHER_INFO
2009-04-16Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1771.nasl - Type : ACT_GATHER_INFO
2009-04-10Name : The remote antivirus service is affected by multiple vulnerabilities.
File : clamav_0_95_1.nasl - Type : ACT_GATHER_INFO
2009-04-02Name : The remote antivirus service is affected by multiple vulnerabilities.
File : clamav_0_95.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2014-02-17 11:28:23
  • Multiple Updates