Gentoo Forums
[ GLSA 200402-07 ] Clam Antivirus DoS vulnerability
GLSA
Posted: Wed Feb 18, 2004 4:01 pm    Post subject: [ GLSA 200402-07 ] Clam Antivirus DoS vulnerability

Gentoo Linux Security Advisory

Title: Clam Antivirus DoS vulnerability (GLSA 200402-07)
Severity: normal
Exploitable: remote
Date: February 17, 2004
Bug(s): #41248
ID: 200402-07

Synopsis

Oliver Eikemeier has reported a vulnerability in Clam AV that can be triggered by a malformed uuencoded message, causing a denial of service for programs that rely on the clamav daemon, such as SMTP daemons.

Background

Clam AntiVirus is a GPLed anti-virus toolkit, designed for integration with mail servers to perform attachment scanning. Clam AV also provides a command line scanner and a tool for fetching updates of the virus database.

Affected Packages

Package: app-antivirus/clamav
Vulnerable: < 0.67
Unaffected: >= 0.67
Architectures: All supported architectures


Description

Oliver Eikemeier of Fillmore Labs discovered the overflow in Clam AV 0.65 when it handled malformed UUEncoded messages, causing the daemon to shut down. The problem originated in libclamav, which calculates the line length of a uuencoded message by taking the ASCII value of the first character minus 64 and asserts that the length is within the allowed range. When the assertion fails, the calling program is terminated and clamav is no longer available.

Impact

A malformed message would cause a denial of service, and depending on the server configuration this may impact other daemons relying on Clam AV in a fatal manner.

Workaround

There is no immediate workaround; a software upgrade is required.

Resolution

All users are urged to upgrade their Clam AV installations to Clam AV 0.67:
Code:
# emerge sync
# emerge -pv ">=app-antivirus/clamav-0.67"
# emerge ">=app-antivirus/clamav-0.67"


Last edited by GLSA on Sun May 07, 2006 4:50 pm; edited 1 time in total
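
The failure mode from the Description section, as an added example that is not libclamav's code and not part of the advisory: an assertion on a length taken from the message, beside a form that reports a parse error instead of aborting. The function names and the upper bound `UU_MAX_LINE_LEN` are assumptions; only the "first character minus 64" rule comes from the advisory.

```c
#include <assert.h>
#include <stdio.h>

/* Assumed upper bound; the advisory does not state the real allowed range. */
#define UU_MAX_LINE_LEN 62

/* Length rule as described in the advisory: ASCII value of first char minus 64. */
static int uu_declared_len(const char *line)
{
    return (unsigned char)line[0] - 64;
}

/* Pattern described in the advisory: assert() guards data read from the message.
 * An out-of-range value calls abort() and ends the whole scanning process. */
int uu_line_len_asserting(const char *line)
{
    int len = uu_declared_len(line);
    assert(len >= 0 && len <= UU_MAX_LINE_LEN);
    return len;
}

/* Hardened form: out-of-range input is a parse error returned to the caller. */
int uu_line_len_checked(const char *line, int *len_out)
{
    int len;
    if (line == NULL || len_out == NULL || line[0] == '\0')
        return -1;
    len = uu_declared_len(line);
    if (len < 0 || len > UU_MAX_LINE_LEN)
        return -1;
    *len_out = len;
    return 0;
}

int main(void)
{
    /* Constructed sample lines, not taken from a real message. */
    const char *samples[] = { "Cabc", "!abc", "\x7f" "abc" };
    for (size_t i = 0; i < 3; i++) {
        int len = 0;
        unsigned first = (unsigned char)samples[i][0];
        if (uu_line_len_checked(samples[i], &len) == 0)
            printf("first byte 0x%02x: length %d\n", first, len);
        else
            printf("first byte 0x%02x: rejected, scanner keeps running\n", first);
    }
    return 0;
}
```

Input validation failures belong in return codes; `assert()` is for programmer errors and turns any reachable check on untrusted data into a process-wide denial of service.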