Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 106279

Summary: <=app-antivirus/clamav-0.86.2: buffer overflow
Product: Gentoo Security Reporter: Carsten Lohrke (RETIRED) <carlo>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: antivirus, net-mail+disabled
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B1 [glsa]
Package list:
Runtime testing required: ---

Description Carsten Lohrke (RETIRED) gentoo-dev 2005-09-17 07:54:17 UTC
Two vulnerabilities were identified in Clam AntiVirus (ClamAV), which could be
exploited by remote attackers or malware to execute arbitrary commands or cause
a denial of service.

The first issue is due to a buffer overflow error in "libclamav/upx.c" when
processing malformed UPX-packed executables, which could be exploited by
attackers to compromise a vulnerable system by sending, to a vulnerable
application, emails containing specially crafted files.

The second issue is due to an error in "libclamav/fsg.c" when processing
specially crafted FSG-packed executables, which could be exploited by attackers
to cause the application to enter an infinite loop.

http://www.frsirt.com/english/advisories/2005/1774


update to 0.87 available
Comment 1 Andrej Kacian (RETIRED) gentoo-dev 2005-09-17 08:51:39 UTC
clamav-0.87 is already in portage, all arch keywords bumped to unstable. I can
stabilize x86, as well as amd64, as I'm using clamav on both arches quite
extensively.
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2005-09-17 09:26:39 UTC
Archs, test and mark stable :
Target KEYWORDS="alpha amd64 hppa ia64 ppc ppc64 sparc x86"

Andrej: feel free to mark on archs you test on, just remove them from Cc: if you do.
Comment 3 Andrej Kacian (RETIRED) gentoo-dev 2005-09-17 09:42:58 UTC
Stable on x86 and amd64.
Comment 4 Michael Hanselmann (hansmi) (RETIRED) gentoo-dev 2005-09-17 11:15:48 UTC
Stable on ppc and hppa.
Comment 5 Jason Wever (RETIRED) gentoo-dev 2005-09-17 17:37:49 UTC
Stable on SPARC.
Comment 6 Bryan Østergaard (RETIRED) gentoo-dev 2005-09-17 19:26:04 UTC
Stable on alpha.
Comment 7 Markus Rothe (RETIRED) gentoo-dev 2005-09-18 00:07:47 UTC
stable on ppc64 
Comment 8 Thierry Carrez (RETIRED) gentoo-dev 2005-09-19 01:48:16 UTC
GLSA 200509-13
ia64 should mark stable to benefit from GLSA