mailing list archives
CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes
From: Jan Lieskovsky <jlieskov () redhat com>
Date: Tue, 26 Jul 2011 12:37:59 +0200
Hello Josh, Steve, vendors,
an off-by-one error was found in the way the hash manager of Clam
AntiVirus, a GPL anti-virus toolkit for UNIX, performed scan of
messages with certain hashes. A remote attacker could provide a message
with specially-crafted hash signature in it, leading to denial of
service (clamscan executable crash).
Upstream bug report:
Note: The rest of the issues fixed in  seem to be just bug fixes.
Cc-ed upstream Clam Antivirus maintainers to confirm this (that
there is only one issue with security implications) and correct
the description of the issue, if necessary (just guessing that
"cli_hm_scan()" stands for
command_line_interface_hash_manager_scan, since it doesn't seem
to be described in the code anywhere).
Josh, Steve, could you allocate a CVE id for this?
Thank you && Regards, Jan.
Jan iankko Lieskovsky / Red Hat Security Response Team
- CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes Jan Lieskovsky (Jul 26)