oss-sec mailing list archives

Re: CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes
From: Josh Bressers <bressers () redhat com>
Date: Tue, 26 Jul 2011 16:03:20 -0400 (EDT)

Please use CVE-2011-2721.



----- Original Message -----
Hello Josh, Steve, vendors,

based on:

an off-by-one error was found in the way the hash manager of Clam
AntiVirus, a GPL anti-virus toolkit for UNIX, performed scans of
messages with certain hashes. A remote attacker could provide a
with specially-crafted hash signature in it, leading to denial of
service (clamscan executable crash).

Upstream bug report:
[2] https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2818

Relevant patch:

Other references:
[4] https://bugzilla.novell.com/show_bug.cgi?id=708263
[6] http://www.clamav.net/lang/en/
[7] https://bugzilla.redhat.com/show_bug.cgi?id=725694

Note: The rest of the issues fixed in [1] seem to be just bug fixes.
Cc-ed upstream Clam Antivirus maintainers to confirm this (that
there is only one issue with security implications) and correct
the description of the issue, if necessary (just guessing that
"cli_hm_scan()" stands for
command_line_interface_hash_manager_scan, since it doesn't seem
to be described in the code anywhere).

Josh, Steve, could you allocate a CVE id for this?

Thank you && Regards, Jan.
Jan iankko Lieskovsky / Red Hat Security Response Team
