Gentoo Archives: gentoo-announce

From: Sune Kloppenborg Jeppesen <jaervosz@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] [ GLSA 200604-06 ] ClamAV: Multiple vulnerabilities
Date: Fri, 07 Apr 2006 20:04:38
Message-Id: 200604072145.47217.jaervosz@gentoo.org
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory GLSA 200604-06
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: High
8 Title: ClamAV: Multiple vulnerabilities
9 Date: April 07, 2006
10 Bugs: #128963
11 ID: 200604-06
12
13 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15 Synopsis
16 ========
17
18 ClamAV contains multiple vulnerabilities that could lead to remote
19 execution of arbitrary code or cause an application crash.
20
21 Background
22 ==========
23
24 ClamAV is a GPL virus scanner.
25
26 Affected packages
27 =================
28
29 -------------------------------------------------------------------
30 Package / Vulnerable / Unaffected
31 -------------------------------------------------------------------
32 1 app-antivirus/clamav < 0.88.1 >= 0.88.1
33
34 Description
35 ===========
36
37 ClamAV contains format string vulnerabilities in the logging code
38 (CVE-2006-1615). Furthermore Damian Put discovered an integer overflow
39 in ClamAV's PE header parser (CVE-2006-1614) and David Luyer discovered
40 that ClamAV can be tricked into performing an invalid memory access
41 (CVE-2006-1630).
42
43 Impact
44 ======
45
46 By sending a malicious attachment to a mail server running ClamAV, a
47 remote attacker could cause a Denial of Service or the execution of
48 arbitrary code. Note that the overflow in the PE header parser is only
49 exploitable when the ArchiveMaxFileSize option is disabled.
50
51 Workaround
52 ==========
53
54 There is no known workaround at this time.
55
56 Resolution
57 ==========
58
59 All ClamAV users should upgrade to the latest version:
60
61 # emerge --sync
62 # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.88.1"
63
64 References
65 ==========
66
67 [ 1 ] CVE-2006-1614
68 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1614
69 [ 2 ] CVE-2006-1615
70 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1615
71 [ 3 ] CVE-2006-1630
72 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1630
73
74 Availability
75 ============
76
77 This GLSA and any updates to it are available for viewing at
78 the Gentoo Security Website:
79
80 http://security.gentoo.org/glsa/glsa-200604-06.xml
81
82 Concerns?
83 =========
84
85 Security is a primary focus of Gentoo Linux and ensuring the
86 confidentiality and security of our users machines is of utmost
87 importance to us. Any security concerns should be addressed to
88 security@g.o or alternatively, you may file a bug at
89 http://bugs.gentoo.org.
90
91 License
92 =======
93
94 Copyright 2006 Gentoo Foundation, Inc; referenced text
95 belongs to its owner(s).
96
97 The contents of this document are licensed under the
98 Creative Commons - Attribution / Share Alike license.
99
100 http://creativecommons.org/licenses/by-sa/2.0