Friday, September 16, 2005

Clam AntiVirus (ClamAV) Buffer Overflow and DoS Vulnerabilities

Via FrSIRT.

FrSIRT Advisory : FrSIRT/ADV-2005-1774
CVE Reference : CAN-2005-2919 - CAN-2005-2920
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-09-16

* Technical Description *

Two vulnerabilities were identified in Clam AntiVirus (ClamAV), which could be exploited by remote attackers or malware to execute arbitrary commands or cause a denial of service.

The first issue is due to a buffer overflow error in "libclamav/upx.c" when processing malformed UPX-packed executables, which could be exploited by attackers to compromise a vulnerable system by sending, to a vulnerable application, emails containing specially crafted files.

The second issue is due to an error in "libclamav/fsg.c" when processing specially crafted FSG-packed executables, which could be exploited by attackers to cause the application to enter an infinite loop.

* Affected Products *

Clam AntiVirus (ClamAV) version 0.86.2 and prior

* Solution *

Upgrade to Clam AntiVirus (ClamAV) version 0.87 :
http://sourceforge.net/projects/clamav/

* References *

http://www.frsirt.com/english/advisories/2005/1774
http://sourceforge.net/project/shownotes.php?release_id=356974


0 Comments:

Post a Comment

<< Home