ALT Linux Community general discussions
* [Comm] Fwd: [Backports] Re: clamav vulnerabilities
@ 2005-11-13 18:43 Michael Shigorin
From: Michael Shigorin @ 2005-11-13 18:43 UTC (permalink / raw)
  To: community


----- Forwarded message from "Konstantin A. Lepikhov" <lakostis/anti-leasure.ru> -----

Date: Sun, 13 Nov 2005 16:15:22 +0300 (MSK)
From: "Konstantin A. Lepikhov" <lakostis/anti-leasure.ru>
To: backports/lists.altlinux.org
Subject: [Backports] Re: clamav vulnerabilities


<quote from="Sergey Y. Afonin">
<skip>
> I did not build 0.87 for updates, since I
> did not see anything particularly serious
> in the changelog, and I am somewhat short
> on time. I will look at 0.87.1
> today. As for
(5) HIGH: ClamAV FSG File Handling Overflow
Affected:
Clam AntiVirus versions 0.80 through 0.87

Description: ClamAV is an open-source antivirus software designed mainly
for scanning emails on UNIX mail gateways. The software includes a virus
scanning library - libClamAV. This library is used by many third party
email, web, FTP scanners as well as mail clients. The library contains
a buffer overflow that can be triggered by specially crafted FSG (Packed
Executable Format) files. The attacker can send the malicious file via
email, web, FTP or a file share, and exploit the buffer overflow to
execute arbitrary code on the system running the ClamAV library. The
technical details can be obtained by comparing the fixed and the
affected versions of the software. Note that for compromising the
mail/web/FTP gateways no user interaction is required.

Status: Version 0.87.1 fixes this overflow. The update also fixes other
DoS vulnerabilities. Please look for third party updates for the
software linked to libClamAV.

Council Site Actions: The affected software and/or configuration are not
in production or widespread use, or are not officially supported at any
of the council sites. They reported that no action was necessary.

References:
TippingPoint Advisory
http://archives.neohapsis.com/archives/bugtraq/2005-11/0041.html
Third Party Software Using ClamAV
http://www.clamav.net/whos.html#pagestart  (Includes Mac OS X server)
http://www.clamav.net/3rdparty.html#pagestart
SecurityFocus BID
http://www.securityfocus.com/bid/15318

PS 0.87.1 has been placed in updates.

-- 
WBR et al.

----- End forwarded message -----

-- 
 ---- WBR, Michael Shigorin <mike@altlinux.ru>
  ------ Linux.Kiev http://www.linux.kiev.ua/
