GLSA 200509-13: Clam AntiVirus: Multiple vulnerabilities

Severity:high
Title:Clam AntiVirus: Multiple vulnerabilities
Date:09/19/2005
Bugs: #106279
ID:200509-13

Synopsis

Clam AntiVirus is subject to vulnerabilities ranging from Denial of Service to execution of arbitrary code when handling compressed executables.

Background

Clam AntiVirus is a GPL anti-virus toolkit, designed for integration with mail servers to perform attachment scanning. Clam AntiVirus also provides a command line scanner and a tool for fetching updates of the virus database.

Affected packages

Package Vulnerable Unaffected Architecture(s)
app-antivirus/clamav < 0.87 >= 0.87 All supported architectures

Description

Clam AntiVirus is vulnerable to a buffer overflow in "libclamav/upx.c" when processing malformed UPX-packed executables. It can also be sent into an infinite loop in "libclamav/fsg.c" when processing specially-crafted FSG-packed executables.

Impact

By sending a specially-crafted file an attacker could execute arbitrary code with the permissions of the user running Clam AntiVirus, or cause a Denial of Service.

Workaround

There is no known workaround at this time.

Resolution

All Clam AntiVirus users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.87"

References

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-200509-13.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

Thank you!