Bug 522157
| Summary: | Clam AntiVirus: Multiple vulnerabilities | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Elia Pinto <yersinia.spiros> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED DUPLICATE | QA Contact: | |
| Severity: | urgent | Docs Contact: | |
| Priority: | urgent | ||
| Version: | unspecified | CC: | yersinia.spiros |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://www.gentoo.org/security/en/glsa/glsa-200909-04.xml | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 461845 | Environment: | |
| Last Closed: | 2009-09-09 18:01:08 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
This bug is pubblic http://seclists.org/fulldisclosure/2009/Sep/0057.html It report Affected packages Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-antivirus/clamav < 0.95.2 >= 0.95.2 This is dupe of: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-6680 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2009-1371 *** This bug has been marked as a duplicate of bug 495039 *** |
Personal comment Probably SELINUX targeted policy, and Selinux Memory check, mitigate this but it necessary to upgrade anyway. I open here because this is a security bug and not a generic bug. ******************************************** Synopsis Multiple vulnerabilities in ClamAV allow for the remote execution of arbitrary code or Denial of Service. 2. Impact Information Background Clam AntiVirus (short: ClamAV) is an anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. Description Multiple vulnerabilities have been found in ClamAV: * The vendor reported a Divide-by-zero error in the PE ("Portable Executable"; Windows .exe) file handling of ClamAV (CVE-2008-6680). * Jeffrey Thomas Peckham found a flaw in libclamav/untar.c, possibly resulting in an infinite loop when processing TAR archives in clamd and clamscan (CVE-2009-1270). * Martin Olsen reported a vulnerability in the CLI_ISCONTAINED macro in libclamav/others.h, when processing UPack archives (CVE-2009-1371). * Nigel disclosed a stack-based buffer overflow in the "cli_url_canon()" function in libclamav/phishcheck.c when processing URLs (CVE-2009-1372). Impact A remote attacker could entice a user or automated system to process a specially crafted UPack archive or a file containing a specially crafted URL, possibly resulting in the remote execution of arbitrary code with the privileges of the user running the application, or a Denial of Service. Furthermore, a remote attacker could cause a Denial of Service by supplying a specially crafted TAR archive or PE executable to a Clam AntiVirus instance. 3. Resolution Information Workaround There is no known workaround at this time. Resolution All Clam AntiVirus users should upgrade to the latest version: