Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Informations | |||
|---|---|---|---|
| Name | CVE-2008-0318 | First vendor Publication | 2008-02-12 |
| Vendor | Cve | Last vendor Modification | 2011-03-07 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0318 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:18471 | |||
| Oval ID: | oval:org.mitre.oval:def:18471 | ||
| Title: | DSA-1497-1 clamav - several vulnerabilities | ||
| Description: | Several vulnerabilities have been discovered in the Clam anti-virus toolkit, which may lead to the execution of arbitrary or local denial of service. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1497-1 CVE-2007-6595 CVE-2008-0318 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | clamav |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:7444 | |||
| Oval ID: | oval:org.mitre.oval:def:7444 | ||
| Title: | DSA-1497 clamav -- several vulnerabilities | ||
| Description: | Several vulnerabilities have been discovered in the Clam anti-virus toolkit, which may lead to the execution of arbitrary or local denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: It was discovered that temporary files are created insecurely, which may result in local denial of service by overwriting files. Silvio Cesare discovered an integer overflow in the parser for PE headers. The version of clamav in the old stable distribution (sarge) is no longer supported with security updates. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1497 CVE-2007-6595 CVE-2008-0318 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | clamav |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-10-10 | Name : SLES9: Security update for clamav File : nvt/sles9p5021938.nasl |
| 2009-04-09 | Name : Mandriva Update for clamav MDVSA-2008:088 (clamav) File : nvt/gb_mandriva_MDVSA_2008_088.nasl |
| 2009-02-16 | Name : Fedora Update for clamav FEDORA-2008-1608 File : nvt/gb_fedora_2008_1608_clamav_fc7.nasl |
| 2009-02-16 | Name : Fedora Update for clamav FEDORA-2008-1625 File : nvt/gb_fedora_2008_1625_clamav_fc8.nasl |
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200802-09 (clamav) File : nvt/glsa_200802_09.nasl |
| 2008-09-04 | Name : FreeBSD Ports: clamav File : nvt/freebsd_clamav13.nasl |
| 2008-02-29 | Name : ClamAV < 0.93.1 vulnerability File : nvt/clamav-CB-A08-0001.nasl |
| 2008-02-28 | Name : Debian Security Advisory DSA 1497-1 (clamav) File : nvt/deb_1497_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 42297 | ClamAV libclamav cli_scanpe Function Petite Packed PE File Handling Overflow |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | ClamAV libclamav PE file handling integer overflow attempt RuleID : 17305 - Revision : 9 - Type : FILE-OTHER |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-088.nasl - Type : ACT_GATHER_INFO |
| 2008-03-19 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2008-002.nasl - Type : ACT_GATHER_INFO |
| 2008-02-25 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200802-09.nasl - Type : ACT_GATHER_INFO |
| 2008-02-18 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1497.nasl - Type : ACT_GATHER_INFO |
| 2008-02-18 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_be4b0529dbaf11dc9791000ea6702141.nasl - Type : ACT_GATHER_INFO |
| 2008-02-18 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_clamav-5008.nasl - Type : ACT_GATHER_INFO |
| 2008-02-18 | Name : The remote openSUSE host is missing a security update. File : suse_clamav-5009.nasl - Type : ACT_GATHER_INFO |
| 2008-02-14 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1608.nasl - Type : ACT_GATHER_INFO |
| 2008-02-14 | Name : The remote Fedora host is missing a security update. File : fedora_2008-1625.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2021-05-05 01:04:25 |
|
| 2021-05-04 12:07:00 |
|
| 2021-04-22 01:07:28 |
|
| 2020-05-23 01:39:00 |
|
| 2020-05-23 00:21:08 |
|
| 2016-04-26 17:02:01 |
|
| 2014-02-17 10:43:29 |
|
| 2014-01-19 21:24:45 |
|
| 2013-05-11 00:06:55 |
|
