Executive Summary

Summary
Title ClamAV: Multiple vulnerabilities
Informations
Name GLSA-200805-19 First vendor Publication 2008-05-20
Vendor Gentoo Last vendor Modification 2008-05-20
Severity (Vendor) High Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

Multiple vulnerabilities in ClamAV may result in the remote execution of arbitrary code.

Background

Clam AntiVirus is a free anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways.

Description

Multiple vulnerabilities have been reported:

* Damian Put reported a heap-based buffer overflow when processing PeSpin packed PE binaries (CVE-2008-0314).

* Alin Rad Pop of Secunia Research reported a buffer overflow in the cli_scanpe() function when processing Upack PE binaries (CVE-2008-1100).

* Hanno Boeck reported an infinite loop when processing ARJ archives (CVE-2008-1387).

* Damian Put and Thomas Pollet reported a heap-based buffer overflow when processing WWPack compressed PE binaries (CVE-2008-1833).

* A buffer over-read was discovered in the rfc2231() function when producing a string that is not NULL terminated (CVE-2008-1836).

* An unspecified vulnerability leading to "memory problems" when scanning RAR files was reported (CVE-2008-1837).

* Thierry Zoller reported that scanning of RAR files could be circumvented (CVE-2008-1835).

Impact

A remote attacker could entice a user or automated system to scan a specially crafted file, possibly leading to the execution of arbitrary code with the privileges of the user running ClamAV (either a system user or the "clamav" user if clamd is compromised), or a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All ClamAV users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.93"

References

[ 1 ] CVE-2008-0314 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0314
[ 2 ] CVE-2008-1100 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1100
[ 3 ] CVE-2008-1387 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1387
[ 4 ] CVE-2008-1833 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1833
[ 5 ] CVE-2008-1835 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1835
[ 6 ] CVE-2008-1836 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1836
[ 7 ] CVE-2008-1837 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1837

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200805-19.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-200805-19.xml

CWE : Common Weakness Enumeration

% Id Name
60 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
20 % CWE-399 Resource Management Errors
20 % CWE-20 Improper Input Validation

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:18708
 
Oval ID: oval:org.mitre.oval:def:18708
Title: DSA-1549-1 clamav
Description: Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit.
Family: unix Class: patch
Reference(s): DSA-1549-1
CVE-2008-0314
CVE-2008-1100
CVE-2008-1833
 Version: 7
Platform(s): Debian GNU/Linux 4.0
 Product(s): clamav
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7781
 
Oval ID: oval:org.mitre.oval:def:7781
Title: DSA-1549 clamav -- buffer overflows
Description: Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. The Common Vulnerabilities and Exposures project identifies the following problems: Damian Put discovered that a buffer overflow in the handler for PeSpin binaries may lead to the execution of arbitrary code. Alin Rad Pop discovered that a buffer overflow in the handler for Upack PE binaries may lead to the execution of arbitrary code. Damian Put and Thomas Pollet discovered that a buffer overflow in the handler for WWPack-compressed PE binaries may lead to the execution of arbitrary code.
Family: unix Class: patch
Reference(s): DSA-1549
CVE-2008-0314
CVE-2008-1100
CVE-2008-1833
 Version: 3
Platform(s): Debian GNU/Linux 4.0
 Product(s): clamav
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 95

OpenVAS Exploits

Date Description
2010-05-12 Name : Mac OS X 10.5.5 Update / Security Update 2008-006
File : nvt/macosx_upd_10_5_5_secupd_2008-006.nasl
2009-10-10 Name : SLES9: Security update for clamav
File : nvt/sles9p5023300.nasl
2009-04-09 Name : Mandriva Update for clamav MDVSA-2008:088 (clamav)
File : nvt/gb_mandriva_MDVSA_2008_088.nasl
2009-02-17 Name : Fedora Update for clamav FEDORA-2008-3358
File : nvt/gb_fedora_2008_3358_clamav_fc7.nasl
2009-02-17 Name : Fedora Update for clamav FEDORA-2008-3420
File : nvt/gb_fedora_2008_3420_clamav_fc8.nasl
2009-02-17 Name : Fedora Update for clamav FEDORA-2008-3900
File : nvt/gb_fedora_2008_3900_clamav_fc9.nasl
2009-02-17 Name : Fedora Update for clamav FEDORA-2008-6422
File : nvt/gb_fedora_2008_6422_clamav_fc8.nasl
2009-02-17 Name : Fedora Update for clamav FEDORA-2008-9651
File : nvt/gb_fedora_2008_9651_clamav_fc8.nasl
2009-01-23 Name : SuSE Update for clamav SUSE-SA:2008:024
File : nvt/gb_suse_2008_024.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200805-19 (clamav)
File : nvt/glsa_200805_19.nasl
2008-09-04 Name : FreeBSD Ports: clamav
File : nvt/freebsd_clamav14.nasl
2008-04-21 Name : Debian Security Advisory DSA 1549-1 (clamav)
File : nvt/deb_1549_1.nasl
2008-02-29 Name : ClamAV < 0.93.1 vulnerability
File : nvt/clamav-CB-A08-0001.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
44524 ClamAV libclamunrar Crafted RAR File Handling Remote DoS
44523 ClamAV libclamav message.c rfc2231 Function Crafted Message Remote DoS
44522 ClamAV Crafted RAR File Handling Remote Security Bypass
44521 ClamAV libclamav Crafted WWPack Compressed PE File Remote Overflow
44520 ClamAV ARJ Archive Handling Unspecified Resource Consumption DoS
44519 ClamAV libclamav spin.c Crafted PeSpin Packed PE Binary Handling Overflow
44370 ClamAV libclamav/pe.c cli_scanpe Function Crafted Upack PE File Handling Remo...

Nessus® Vulnerability Scanner

Date Description
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-088.nasl - Type : ACT_GATHER_INFO
2008-09-16 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_5_5.nasl - Type : ACT_GATHER_INFO
2008-09-16 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2008-006.nasl - Type : ACT_GATHER_INFO
2008-05-22 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200805-19.nasl - Type : ACT_GATHER_INFO
2008-05-16 Name : The remote Fedora host is missing a security update.
File : fedora_2008-3900.nasl - Type : ACT_GATHER_INFO
2008-05-01 Name : The remote Fedora host is missing a security update.
File : fedora_2008-3358.nasl - Type : ACT_GATHER_INFO
2008-05-01 Name : The remote Fedora host is missing a security update.
File : fedora_2008-3420.nasl - Type : ACT_GATHER_INFO
2008-04-25 Name : The remote openSUSE host is missing a security update.
File : suse_clamav-5199.nasl - Type : ACT_GATHER_INFO
2008-04-25 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_clamav-5200.nasl - Type : ACT_GATHER_INFO
2008-04-22 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1549.nasl - Type : ACT_GATHER_INFO
2008-04-18 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_589d80530b0311ddb4ef00e07dc4ec84.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:35:53
  • Multiple Updates