|
ClamAV Multiple Vulnerabilities
|
|
Secunia Advisory:
|
SA29000
|
|
|
Release Date:
|
2008-04-14
|
|
Last Update:
|
2008-04-22
|
|
Popularity:
|
12,225 views
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
Security Bypass
DoS
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Clam AntiVirus (clamav) 0.x
ClamWin Free Antivirus 0.x
|
|
|
Binary Analysis:
|
BA446 :: Available for 1 Credit 
BA456 :: Available for 1 Credit
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 2 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Solution:
Update to version 0.93.
Provided and/or discovered by:
1) Alin Rad Pop, Secunia Research.
2) Damian Put, reported via iDefense.
3) Discovered using the PROTOS Genome Test Suite. Reported by Hanno Böck.
4) Damian Put and Thomas Pollet, reported via iDefense.
5) Reported by Thierry Zoller in a ClamAV bug report.
6) Reported by the vendor.
7) Discovered using the PROTOS Genome Test Suite. Reported by the vendor.
Changelog:
2008-04-15: Added vulnerabilities #2 and #3 to the advisory. Updated "Solution", credits, and "Original Advisory" sections.
2008-04-16: Added vulnerability #4. Updated credits and "Original Advisory" section.
2008-04-17: Added CVE reference.
2008-04-21: Added ClamWin to list of affected products. Added CVE reference. Added link to US-CERT.
2008-04-22: Added vulnerabilities #5, #6, and #7 to the advisory. Updated credits and "Original Advisory" section. Added CVE references.
Original Advisory:
ClamAV:
https://www.clamav.net/bugzilla/show_bug.cgi?id=878
https://www.clamav.net/bugzilla/show_bug.cgi?id=876
https://www.clamav.net/bugzilla/show_bug.cgi?id=897
https://www.clamav.net/bugzilla/show_bug.cgi?id=877
https://www.clamav.net/bugzilla/show_bug.cgi?id=541
https://www.clamav.net/bugzilla/show_bug.cgi?id=881
https://www.clamav.net/bugzilla/show_bug.cgi?id=898
Secunia Research:
http://secunia.com/secunia_research/2008-11/
Hanno Böck:
http://int21.de/cve/CVE-2008-1387-clamav.html
iDefense:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=686
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=687
Other References:
US-CERT VU#858595:
http://www.kb.cert.org/vuls/id/858595
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
