Summary: | app-antivirus/clamav: Multiple security fixes in 0.87.1
---|---
Product: | Gentoo Security
Component: | Vulnerabilities
Reporter: | Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Assignee: | Gentoo Security <security>
CC: | antivirus, net-mail+disabled, sascha-gentoo-bugzilla
Status: | RESOLVED FIXED
Severity: | critical
Priority: | High
Version: | unspecified
Hardware: | All
OS: | Linux
URL: | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333566
Whiteboard: | A1 [glsa] jaervosz
Runtime testing required: | ---

Description
Sune Kloppenborg Jeppesen (RETIRED)
2005-10-13 14:19:14 UTC
antivirus/net-mail please advise.

Nothing yet upstream afaict

This is CAN-2005-3239

Still nothing upstream.

Created attachment 71477
clamav-CVE-2005-3239.patch
Patch extracted from clamav CVS, untested.

antivirus / net-mail: please check/apply patch and bump.

I'm sorry, I'll be out of touch until Monday, so I can't do this one on time. BTW, is there a sample corrupted .doc file to test on? I couldn't find any.

There is one on the Debian bug : http://bugs.debian.org/cgi-bin/bugreport.cgi/KOCH.DOC?bug=333566;msg=19;att=1

There is 0.87.1 out which fixes this.

Ebuild is now in portage, x86 already tested and stable. Arches please test and mark stable.

Potential additional security fixorz :
- libclamav/petite.c: fix boundary checks (acab)
- libclamav/mbox.c: scan attachments that have no filename (njh)
- libclamav/fsg.c: fix buffer size calculation in unfsg_133
  Reported by Zero Day Initiative (ZDI-CAN-004)
- libclamav/tnef.c: fix possible infinite loop
  Reported by iDEFENSE (IDEF1169).
- libclamav/mspack/cabd.c: fix possible infinite loop in cabd_find (tk)
  Reported by iDEFENSE (IDEF1180).

sparc stable.

marked ppc64 stable

0.87.1 stable on alpha

The fsg thing allows remote code execution :

))))))))))))))))
ZDI-05-002: Clam Antivirus Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-05-002.html
CAN-2005-3303

This vulnerability allows remote attackers to execute arbitrary code on vulnerable ClamAV installations. Authentication is not required to exploit this vulnerability.

This specific flaw exists within libclamav/fsg.c during the unpacking of executable files compressed with FSG v1.33. Due to invalid bounds checking when copying user-supplied data to heap allocated memory, an exploitable memory corruption condition is created. The unpacking algorithm for other versions of FSG is not affected.
)))))))))))))))))

Stable on ppc and hppa.

amd64 happy too

GLSA 200511-04

ia64 don't forget to mark stable.