Executive Summary

Summary
Title New clamav packages fix several problems
Informations
Name DSA-776 First vendor Publication 2005-08-16
Vendor Debian Last vendor Modification 2005-08-16
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Several bugs were discovered in Clam AntiVirus, the antivirus scanner for Unix, designed for integration with mail servers to perform attachment scanning. The following problems were identified:

CAN-2005-2450

Neel Mehta and Alex Wheeler discovered that Clam AntiVirus is vulnerable to integer overflows when handling the TNEF, CHM and FSG file formats.

CVE-NOMATCH

Mark Pizzolato fixed a possible infinete loop that could cause a denial of service.

The old stable distribution (woody) is not affected as it doesn't contain clamav.

For the stable distribution (sarge) these problems have been fixed in version 0.84-2.sarge.2.

For the unstable distribution (sid) these problems have been fixed in version 0.86.2-1.

We recommend that you upgrade your clamav package.

Original Source

Url : http://www.debian.org/security/2005/dsa-776

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 3

OpenVAS Exploits

Date Description
2008-09-24 Name : Gentoo Security Advisory GLSA 200507-25 (clamav)
File : nvt/glsa_200507_25.nasl
2008-09-04 Name : FreeBSD Ports: clamav
File : nvt/freebsd_clamav3.nasl
2008-01-17 Name : Debian Security Advisory DSA 776-1 (clamav)
File : nvt/deb_776_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
18259 Clam AntiVirus FSG File Processing Overflow

A remote overflow exists in Clam AntiVirus. Clam AntiVirus fails to perform adequate boundary check in libclamav/fsg.c, resulting in a heap overflow. With a specially crafted request, an attacker can gain privileges equal to those of the Clam AntiVirus process, possibly allowing for a remote system compromise.
18258 Clam AntiVirus CHM File Processing Filename Overflow

A remote overflow exists in Clam AntiVirus. Clam AntiVirus fails to perform adequate boundary check in libclamav/chmunpack.c, resulting in a heap overflow. With a specially crafted request, an attacker can gain privileges equal to those of the Clam AntiVirus process, possibly allowing for a remote system compromise.
18257 Clam AntiVirus TNEF File Processing Multiple Overflows

A remote overflow exists in Clam AntiVirus. Clam AntiVirus fails to perform adequate boundary check in libclamav/tnef.c, resulting in a heap overflow. With a specially crafted request, an attacker can gain privileges equal to those of the Clam AntiVirus process, possibly allowing for a remote system compromise.

Snort® IPS/IDS

Date Description
2014-01-10 ClamAV CHM File Handling Integer Overflow attempt
RuleID : 17352 - Revision : 13 - Type : FILE-OTHER

Nessus® Vulnerability Scanner

Date Description
2005-10-05 Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2005-125.nasl - Type : ACT_GATHER_INFO
2005-08-18 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-776.nasl - Type : ACT_GATHER_INFO
2005-07-31 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200507-25.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:34:13
  • Multiple Updates