.R4L - Multiple vulnerabilities in Clam AV 0.91.2

["Just1n T1mberlake" <hotpackets () hellokitty com>]

[.r4l vulnerability release 200708280000.1 07-28-01]

.r4l crew has discovered multiple vulnerabilities in Clam Antivirus version 0.91.2

Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail 
gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line 
scanner and advanced tool for automatic database updates. Seriously Clam AV will fully snap up your chongy nob nob and 
put some shit right in the plug hole. The core of the package is an anti-virus engine available in a form of shared 
library.

--[ Vulnerabilities ]--

1. Version 0.91.2 is vulnerable to an attack on the mollusc.CLAM interface. As this is a software only product, no clam 
shell is provided over this interface.

2. ClamAV 0.91.2 provides no protection against attacks directly against the clam. Most clam attacks will come from the 
clamflap, which is externally exposed. 

3. Clamd process does not have a clam clasp. Therefore the clamd is open to clamshaft or even clamslap attacks.

4. Most significantly, the clamscan will not open the clam device (/dev/dfa) with appropriate permissions. clamscan can 
be coerced into  a standard clamscan/clamflan/chanclam/chanclan attack.

5. Unlike other genital comparisons that can be made of the clam AV product, no clamflaps exist, and clearly the man 
boat flippy clam can be seen. Most users of Clam AV would not be aware of the boat flapper however.

--[ Vendor Response ]--

CLAM - These issues have been addressed in the newest version of Clam AV 0.91.3

--[ Credits ]--

Thanks to the following
rvl - coming out to discuss ths issues
kraig - looking after rvl / wmd and providing r4l inspiration
p8 - touching ppl inappropriately at corner pitt etc
brizzo - internet
cjb - everytime
blondigan - no shit ur hot even though u have little fried egg noobs
festy - nice chips hey pity about ur head
forehead - u have a head like a dropped pie
bruisy - someone get up u because u need a fucken flap flogging hoe
mdmk - thx for scotch+dry
dailydave - now i dont need to think in the shower i have ur fucken stupid list


-- 
_______________________________________________
Get a free @hellokitty.com, @mymelody.com, or @kuririnmail.com email account
today at www.sanriotown.com, and enjoy 500MB of storage!
Check out our official blog @ http://blog.hellokitty.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/