Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 157612 - app-antivirus/f-prot 4.6.6 arbitrary code execution (CVE-2006-629[34], CVE-2006-6352, CVE-2006-6407)
Summary: app-antivirus/f-prot 4.6.6 arbitrary code execution (CVE-2006-629[34], CVE-20...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: High normal (vote)
Assignee: Gentoo Security
URL: http://packetstormsecurity.org/0612-e...
Whiteboard: B1 [glsa] jaervosz
Keywords:
Depends on:
Blocks:
 
Reported: 2006-12-09 06:42 UTC by Andreas Arens
Modified: 2006-12-12 14:11 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Andreas Arens 2006-12-09 06:42:01 UTC
Two vulnerabilities in F-Prot Antivirus version 4.6.6 for Unix platforms could allow a remote attacker to cause a denial of service or execute arbitrary code. 

New version 4.6.7 is available and not vulnerable. Gentoo portage is still at 4.6.5.
f-prot can be used as mail scanner in amavis, so the problem is specifically servere.
Comment 1 Sune Kloppenborg Jeppesen gentoo-dev 2006-12-10 00:04:20 UTC
Antivirus please advise and bump as necessary.
Comment 2 Andrej Kacian (RETIRED) gentoo-dev 2006-12-10 01:27:38 UTC
4.6.7 has just been added to portage.
Comment 3 Sune Kloppenborg Jeppesen gentoo-dev 2006-12-10 01:45:24 UTC
Thx for the swift response ticho.

Arches please test and mark stable. Target keywords are:

f-prot-4.6.7.ebuild:KEYWORDS="amd64 -ppc -sparc x86"
Comment 4 Andrej Kacian (RETIRED) gentoo-dev 2006-12-10 02:03:50 UTC
x86 happy (come to think of it, we're *ALWAYS* happy)

La, la, la...
Comment 5 Dustin J. Mitchell 2006-12-10 18:14:11 UTC
Emerged fine on amd64, successfully ran a scan of /tmp -- looks good.

Gentoo Base System version 1.12.5
Portage 2.1.1-r1 (default-linux/amd64/2006.1, gcc-4.1.1, glibc-2.4-r3, 2.6.15-gentoo-r72006040301 x86_64)
=================================================================
System uname: 2.6.15-gentoo-r72006040301 x86_64 AMD Athlon(tm) 64 Processor 3700+
Last Sync: Mon, 11 Dec 2006 01:20:01 +0000
app-admin/eselect-compiler: [Not Present]
dev-java/java-config: [Not Present]
dev-lang/python:     2.4.3-r4
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache:     [Not Present]
dev-util/confcache:  [Not Present]
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.60
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2
sys-devel/binutils:  2.16.1-r3
sys-devel/gcc-config: 1.3.13-r4
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.11-r2
ACCEPT_KEYWORDS="amd64"
AUTOCLEAN="yes"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo"
CXXFLAGS="-O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig collision-protect confcache digest distlocks metadata-transfer multilib-strict sandbox sfperms strict"
GENTOO_MIRRORS="http://gentoo.chem.wisc.edu/gentoo/"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.us.gentoo.org/gentoo-portage"
USE="amd64 berkdb bitmap-fonts cli cracklib crypt cups dlloader dri elibc_glibc fortran gdbm gpm iconv input_devices_evdev input_devices_keyboard input_devices_mouse ipv6 isdnlog kernel_linux libg++ ncurses nls nptl nptlonly pam pcre perl ppds pppd python readline reflection session spl ssl tcpd truetype-fonts type1-fonts udev unicode userland_GNU video_cards_apm video_cards_ark video_cards_ati video_cards_chips video_cards_cirrus video_cards_cyrix video_cards_dummy video_cards_fbdev video_cards_glint video_cards_i128 video_cards_i810 video_cards_mga video_cards_neomagic video_cards_nv video_cards_rendition video_cards_s3 video_cards_s3virge video_cards_savage video_cards_siliconmotion video_cards_sis video_cards_sisusb video_cards_tdfx video_cards_tga video_cards_trident video_cards_tseng video_cards_v4l video_cards_vesa video_cards_vga video_cards_via video_cards_vmware video_cards_voodoo xorg zlib"
Unset:  CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, MAKEOPTS, PORTAGE_RSYNC_EXTRA_OPTS

Comment 6 Peter Weller (RETIRED) gentoo-dev 2006-12-11 09:07:25 UTC
Go Go Go! AMD64 gone! *teh poof* magic, innit :)
/me joins Ticho with his La, la, la's 
Comment 7 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-12-11 16:15:58 UTC
isn't it a B1 since f-prot is devoted to be used in a mail server?
Comment 8 Sune Kloppenborg Jeppesen gentoo-dev 2006-12-11 21:06:38 UTC
Yeah Falco I think you're right.
Comment 9 Sune Kloppenborg Jeppesen gentoo-dev 2006-12-12 14:11:44 UTC
GLSA 200612-12