MDVSA-2009:097

Executive Summary

Informations
Name	MDVSA-2009:097	First vendor Publication	2009-04-24
Vendor	Mandriva	Last vendor Modification	2009-04-24
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple vulnerabilities has been found and corrected in clamav:

Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive (CVE-2009-1241).

libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error (CVE-2008-6680).

libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted file that causes (1) clamd and (2) clamscan to hang (CVE-2009-1270).

The CLI_ISCONTAINED macro in libclamav/others.h in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) via a malformed file with UPack encoding (CVE-2009-1371).

Stack-based buffer overflow in the cli_url_canon function in libclamav/phishcheck.c in ClamAV before 0.95.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted URL (CVE-2009-1372).

Important notice about this upgrade: clamav-0.95+ bundles support for RAR v3 in libclamav which is a license violation as the RAR v3 license and the GPL license is not compatible. As a consequence to this Mandriva has been forced to remove the RAR v3 code.

This update provides clamav 0.95.1, which is not vulnerable to these issues.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2009:097

CWE : Common Weakness Enumeration

id	Name
CWE-20	Improper Input Validation
CWE-189	Numeric Errors
CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
CWE-94	Failure to Control Generation of Code ('Code Injection')

CPE : Common Platform Enumeration

Type	Description	Count
Application	Cclamav Clamav cpe:/a:cclamav:clamav:0.14	1
Application	Clam Anti-Virus Clamav cpe:/a:clam_anti-virus:clamav:0.94.1 cpe:/a:clam_anti-virus:clamav:0.94 cpe:/a:clam_anti-virus:clamav:0.94:rc1 cpe:/a:clam_anti-virus:clamav:0.93.3 cpe:/a:clam_anti-virus:clamav:0.93.2 cpe:/a:clam_anti-virus:clamav:0.93.1 cpe:/a:clam_anti-virus:clamav:0.93 cpe:/a:clam_anti-virus:clamav:0.92.1 cpe:/a:clam_anti-virus:clamav:0.92:p0 cpe:/a:clam_anti-virus:clamav:0.92 cpe:/a:clam_anti-virus:clamav:0.91rc2 cpe:/a:clam_anti-virus:clamav:0.91rc1 cpe:/a:clam_anti-virus:clamav:0.91.2 cpe:/a:clam_anti-virus:clamav:0.91.2:p0 cpe:/a:clam_anti-virus:clamav:0.91.1 cpe:/a:clam_anti-virus:clamav:0.91 cpe:/a:clam_anti-virus:clamav:0.90rc1 cpe:/a:clam_anti-virus:clamav:0.90.3:p0 cpe:/a:clam_anti-virus:clamav:0.90.3 cpe:/a:clam_anti-virus:clamav:0.90.3:p1 cpe:/a:clam_anti-virus:clamav:0.90.2:p0 cpe:/a:clam_anti-virus:clamav:0.90.2 cpe:/a:clam_anti-virus:clamav:0.90.1 cpe:/a:clam_anti-virus:clamav:0.90.1:p0 cpe:/a:clam_anti-virus:clamav:0.90_rc3 cpe:/a:clam_anti-virus:clamav:0.90_rc2 cpe:/a:clam_anti-virus:clamav:0.90_rc1.1 cpe:/a:clam_anti-virus:clamav:0.90 cpe:/a:clam_anti-virus:clamav:0.88.7:p0 cpe:/a:clam_anti-virus:clamav:0.88.7:p1 cpe:/a:clam_anti-virus:clamav:0.88.7 cpe:/a:clam_anti-virus:clamav:0.88.6 cpe:/a:clam_anti-virus:clamav:0.88.5 cpe:/a:clam_anti-virus:clamav:0.88.4 cpe:/a:clam_anti-virus:clamav:0.88.3 cpe:/a:clam_anti-virus:clamav:0.88.2 cpe:/a:clam_anti-virus:clamav:0.88.1 cpe:/a:clam_anti-virus:clamav:0.88 cpe:/a:clam_anti-virus:clamav:0.87.1 cpe:/a:clam_anti-virus:clamav:0.87 cpe:/a:clam_anti-virus:clamav:0.86.2 cpe:/a:clam_anti-virus:clamav:0.86.1 cpe:/a:clam_anti-virus:clamav:0.86_rc1 cpe:/a:clam_anti-virus:clamav:0.86:rc1 cpe:/a:clam_anti-virus:clamav:0.86 cpe:/a:clam_anti-virus:clamav:0.85.1 cpe:/a:clam_anti-virus:clamav:0.85 cpe:/a:clam_anti-virus:clamav:0.84_rc2 cpe:/a:clam_anti-virus:clamav:0.84_rc1 cpe:/a:clam_anti-virus:clamav:0.84 cpe:/a:clam_anti-virus:clamav:0.84:rc2 cpe:/a:clam_anti-virus:clamav:0.84:rc1 cpe:/a:clam_anti-virus:clamav:0.83 cpe:/a:clam_anti-virus:clamav:0.82 cpe:/a:clam_anti-virus:clamav:0.81_rc1 cpe:/a:clam_anti-virus:clamav:0.81:rc1 cpe:/a:clam_anti-virus:clamav:0.81 cpe:/a:clam_anti-virus:clamav:0.80_rc4 cpe:/a:clam_anti-virus:clamav:0.80_rc3 cpe:/a:clam_anti-virus:clamav:0.80_rc2 cpe:/a:clam_anti-virus:clamav:0.80_rc1 cpe:/a:clam_anti-virus:clamav:0.80:rc cpe:/a:clam_anti-virus:clamav:0.80:rc4 cpe:/a:clam_anti-virus:clamav:0.80:rc2 cpe:/a:clam_anti-virus:clamav:0.80 cpe:/a:clam_anti-virus:clamav:0.80:rc3 cpe:/a:clam_anti-virus:clamav:0.75.1 cpe:/a:clam_anti-virus:clamav:0.75 cpe:/a:clam_anti-virus:clamav:0.74 cpe:/a:clam_anti-virus:clamav:0.73 cpe:/a:clam_anti-virus:clamav:0.72 cpe:/a:clam_anti-virus:clamav:0.71 cpe:/a:clam_anti-virus:clamav:0.70 cpe:/a:clam_anti-virus:clamav:0.68.1 cpe:/a:clam_anti-virus:clamav:0.68 cpe:/a:clam_anti-virus:clamav:0.67 cpe:/a:clam_anti-virus:clamav:0.65 cpe:/a:clam_anti-virus:clamav:0.60p cpe:/a:clam_anti-virus:clamav:0.60 cpe:/a:clam_anti-virus:clamav:0.54 cpe:/a:clam_anti-virus:clamav:0.53 cpe:/a:clam_anti-virus:clamav:0.52 cpe:/a:clam_anti-virus:clamav:0.51 cpe:/a:clam_anti-virus:clamav:0.24 cpe:/a:clam_anti-virus:clamav:0.23 cpe:/a:clam_anti-virus:clamav:0.22 cpe:/a:clam_anti-virus:clamav:0.21 cpe:/a:clam_anti-virus:clamav:0.20 cpe:/a:clam_anti-virus:clamav:0.15 cpe:/a:clam_anti-virus:clamav:0.14:pre cpe:/a:clam_anti-virus:clamav:0.14 cpe:/a:clam_anti-virus:clamav:0.13 cpe:/a:clam_anti-virus:clamav:0.12 cpe:/a:clam_anti-virus:clamav:0.11 cpe:/a:clam_anti-virus:clamav:0.10 cpe:/a:clam_anti-virus:clamav:0.06 cpe:/a:clam_anti-virus:clamav:0.05 cpe:/a:clam_anti-virus:clamav:0.04 cpe:/a:clam_anti-virus:clamav:0.03 cpe:/a:clam_anti-virus:clamav:0.02 cpe:/a:clam_anti-virus:clamav:0.01 cpe:/a:clam_anti-virus:clamav	102
Application	Clamav Clamav cpe:/a:clamav:clamav:0.95 cpe:/a:clamav:clamav:0.95:src1 cpe:/a:clamav:clamav:0.95:src2 cpe:/a:clamav:clamav:0.94.2 cpe:/a:clamav:clamav:0.94.1 cpe:/a:clamav:clamav:0.94 cpe:/a:clamav:clamav:0.93.3 cpe:/a:clamav:clamav:0.93.2 cpe:/a:clamav:clamav:0.93.1 cpe:/a:clamav:clamav:0.93 cpe:/a:clamav:clamav:0.92.1 cpe:/a:clamav:clamav:0.92_p0 cpe:/a:clamav:clamav:0.92 cpe:/a:clamav:clamav:0.91.2_p0 cpe:/a:clamav:clamav:0.91.2 cpe:/a:clamav:clamav:0.91.1 cpe:/a:clamav:clamav:0.91_rc2 cpe:/a:clamav:clamav:0.91_rc1 cpe:/a:clamav:clamav:0.91 cpe:/a:clamav:clamav:0.90.3_p1 cpe:/a:clamav:clamav:0.90.3_p0 cpe:/a:clamav:clamav:0.90.3 cpe:/a:clamav:clamav:0.90.2_p0 cpe:/a:clamav:clamav:0.90.2 cpe:/a:clamav:clamav:0.90.1_p0 cpe:/a:clamav:clamav:0.90.1 cpe:/a:clamav:clamav:0.90_rc3 cpe:/a:clamav:clamav:0.90_rc2 cpe:/a:clamav:clamav:0.90_rc1.1 cpe:/a:clamav:clamav:0.90_rc1 cpe:/a:clamav:clamav:0.90 cpe:/a:clamav:clamav:0.9_rc1 cpe:/a:clamav:clamav:0.88.7_p1 cpe:/a:clamav:clamav:0.88.7_p0 cpe:/a:clamav:clamav:0.88.7 cpe:/a:clamav:clamav:0.88.6 cpe:/a:clamav:clamav:0.88.5 cpe:/a:clamav:clamav:0.88.4 cpe:/a:clamav:clamav:0.88.3 cpe:/a:clamav:clamav:0.88.2 cpe:/a:clamav:clamav:0.88.1 cpe:/a:clamav:clamav:0.88 cpe:/a:clamav:clamav:0.87.1 cpe:/a:clamav:clamav:0.87 cpe:/a:clamav:clamav:0.86.2 cpe:/a:clamav:clamav:0.86.1 cpe:/a:clamav:clamav:0.86_rc1 cpe:/a:clamav:clamav:0.86 cpe:/a:clamav:clamav:0.85.1 cpe:/a:clamav:clamav:0.85 cpe:/a:clamav:clamav:0.84_rc2 cpe:/a:clamav:clamav:0.84_rc1 cpe:/a:clamav:clamav:0.84 cpe:/a:clamav:clamav:0.83 cpe:/a:clamav:clamav:0.82 cpe:/a:clamav:clamav:0.81_rc1 cpe:/a:clamav:clamav:0.81 cpe:/a:clamav:clamav:0.80_rc3 cpe:/a:clamav:clamav:0.80_rc2 cpe:/a:clamav:clamav:0.80_rc1 cpe:/a:clamav:clamav:0.80_rc cpe:/a:clamav:clamav:0.80 cpe:/a:clamav:clamav:0.80:rc4 cpe:/a:clamav:clamav:0.8_:rc3 cpe:/a:clamav:clamav:0.75.1 cpe:/a:clamav:clamav:0.75 cpe:/a:clamav:clamav:0.74 cpe:/a:clamav:clamav:0.73 cpe:/a:clamav:clamav:0.72 cpe:/a:clamav:clamav:0.71 cpe:/a:clamav:clamav:0.70:rc cpe:/a:clamav:clamav:0.70 cpe:/a:clamav:clamav:0.68.1 cpe:/a:clamav:clamav:0.68 cpe:/a:clamav:clamav:0.67-1 cpe:/a:clamav:clamav:0.67 cpe:/a:clamav:clamav:0.66 cpe:/a:clamav:clamav:0.65 cpe:/a:clamav:clamav:0.60p cpe:/a:clamav:clamav:0.60 cpe:/a:clamav:clamav:0.54 cpe:/a:clamav:clamav:0.53 cpe:/a:clamav:clamav:0.52 cpe:/a:clamav:clamav:0.51 cpe:/a:clamav:clamav:0.3 cpe:/a:clamav:clamav:0.24 cpe:/a:clamav:clamav:0.23 cpe:/a:clamav:clamav:0.22 cpe:/a:clamav:clamav:0.21 cpe:/a:clamav:clamav:0.20 cpe:/a:clamav:clamav:0.15 cpe:/a:clamav:clamav:0.14:pre cpe:/a:clamav:clamav:0.13 cpe:/a:clamav:clamav:0.12 cpe:/a:clamav:clamav:0.10 cpe:/a:clamav:clamav:0.05 cpe:/a:clamav:clamav:0.03 cpe:/a:clamav:clamav:0.02 cpe:/a:clamav:clamav:0.01	99
Application	Clamavclamav 0.11 cpe:/a:clamavclamav:0.11	1
Application	Clamavclamav 0.80 Rc4 cpe:/a:clamavclamav:0.80_rc4	1
Application	Clamavs Clamav cpe:/a:clamavs:clamav:0.24 cpe:/a:clamavs:clamav:0.06 cpe:/a:clamavs:clamav:0.04	3

Open Source Vulnerability Database (OSVDB)

id	Description
53603	ClamAV libclamav/phishcheck.c cli_url_canon() Function URL Handling Overflow
53602	ClamAV Malformed UPack Packed File Handling DoS
53598	ClamAV --detect-broken Option PE File Handling DoS
53597	ClamAV RAR Archive Invalid Uncompressed Size Field Scan Bypass
53461	ClamAV libclamav/untar.c clamd / clamscan Infinite Loop DoS