GLSA Bodhisattva
Posted: Mon Jan 31, 2005 8:10 pm Post subject: [ GLSA 200501-46 ] ClamAV: Multiple issues
Gentoo Linux Security Advisory
Title: ClamAV: Multiple issues (GLSA 200501-46)
Severity: normal
Exploitable: remote
Date: January 31, 2005
Updated: May 22, 2006
Bug(s): #78656, #79194
ID: 200501-46
Synopsis
ClamAV contains two vulnerabilities that could lead to Denial of Service and evasion of virus scanning.
Background
ClamAV is an antivirus toolkit. It includes a multi-threaded daemon and a command line scanner.
Affected Packages
Package: app-antivirus/clamav
Vulnerable: <= 0.80
Unaffected: >= 0.81
Architectures: All supported architectures
Description
ClamAV fails to properly scan ZIP files with special headers (CAN-2005-0133) and base64 encoded images in URLs.
Impact
By sending a base64 encoded image file in a URL an attacker could evade virus scanning. By sending a specially-crafted ZIP file an attacker could cause a Denial of Service by crashing the clamd daemon.
Workaround
There is no known workaround at this time.
Resolution
All ClamAV users should upgrade to the latest version:
Code:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.81"
References
CAN-2005-0133
CVE-2005-0218
ClamAV Release Announcement
Secunia SA13900
Last edited by GLSA on Mon May 22, 2006 4:18 am; edited 2 times in total
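An added example, not part of the advisory or of Gentoo's tooling: a POSIX shell check that classifies a ClamAV version (bare, or as an `app-antivirus/clamav-<version>` atom) against the ranges listed under Affected Packages, for confirming hosts after the upgrade. The function names, the treatment of `-rN` revisions and `_rc`-style pre-release suffixes, and the sample versions are assumptions made here.

```shell
#!/bin/sh
# Ranges from GLSA 200501-46: vulnerable <= 0.80, unaffected >= 0.81.
FIXED="0.81"

# cmp_dotted A B -> prints -1, 0 or 1 for dotted numeric versions A and B.
cmp_dotted() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        # Drop the component just read (everything, when no dot is left).
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        x=${x:-0}; y=${y:-0}
        if [ "$x" -lt "$y" ]; then echo -1; return; fi
        if [ "$x" -gt "$y" ]; then echo 1; return; fi
    done
    echo 0
}

# glsa_200501_46_status VERSION|ATOM -> vulnerable, unaffected or unknown.
glsa_200501_46_status() {
    v=${1##*clamav-}     # accept "app-antivirus/clamav-0.80" or bare "0.80"
    v=${v%-r[0-9]*}      # assumption: an ebuild revision (-r1) keeps the status
    base=${v%%_*}        # numeric part before _rc/_pre/_beta
    suffix=${v#"$base"}
    case $base in
        ''|*[!0-9.]*|.*|*.|*..*) echo unknown; return ;;  # not a dotted number
    esac
    case $(cmp_dotted "$base" "$FIXED") in
        -1) echo vulnerable ;;   # assumption: anything below 0.81 is flagged
        0)  # A pre-release of 0.81 falls in neither published range.
            if [ -n "$suffix" ]; then echo unknown; else echo unaffected; fi ;;
        1)  echo unaffected ;;
    esac
}

# Constructed sample inventory, not taken from the advisory.
for pkg in app-antivirus/clamav-0.80 app-antivirus/clamav-0.80-r1 \
           app-antivirus/clamav-0.81_rc1 app-antivirus/clamav-0.81; do
    printf '%-32s %s\n' "$pkg" "$(glsa_200501_46_status "$pkg")"
done
```

An `unknown` result means the version string needs manual review rather than an automatic pass.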