[<prev] [next>] [day] [month] [year] [list]
Message-Id: <20070828121650.B6FA97B7AA@ws5-10.us4.outblaze.com>
Date: Tue, 28 Aug 2007 20:16:50 +0800
From: "Just1n T1mberlake" <hotpackets@...lokitty.com>
To: full-disclosure@...ts.grok.org.uk
Subject: .R4L - Multiple vulnerabilities in Clam AV 0.91.2
[.r4l vulnerability release 200708280000.1 07-28-01]
.r4l crew has discovered multiple vulnerabilities in Clam Antivirus version 0.91.2
Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates. Seriously Clam AV will fully snap up your chongy nob nob and put some shit right in the plug hole. The core of the package is an anti-virus engine available in a form of shared library.
--[ Vulnerabilities ]--
1. Version 0.91.2 is vulnerable to an attack on the mollusc.CLAM interface. As this is a software only product, no clam shell is provided over this interface.
2. ClamAV 0.91.2 provides no protection against attacks directly against the clam. Most clam attacks will come from the clamflap, which is externally exposed.
3. Clamd process does not have a clam clasp. Therefore the clamd is open to clamshaft or even clamslap attacks.
4. Most significantly, the clamscan will not open the clam device (/dev/dfa) with appropriate permissions. clamscan can be coerced into a standard clamscan/clamflan/chanclam/chanclan attack.
5. Unlike other genital comparisons that can be made of the clam AV product, no clamflaps exist, and clearly the man boat flippy clam can be seen. Most users of Clam AV would not be aware of the boat flapper however.
--[ Vendor Response ]--
CLAM - These issues have been addressed in the newest version of Clam AV 0.91.3
--[ Credits ]--
Thanks to the following
rvl - coming out to discuss ths issues
kraig - looking after rvl / wmd and providing r4l inspiration
p8 - touching ppl inappropriately at corner pitt etc
brizzo - internet
cjb - everytime
blondigan - no shit ur hot even though u have little fried egg noobs
festy - nice chips hey pity about ur head
forehead - u have a head like a dropped pie
bruisy - someone get up u because u need a fucken flap flogging hoe
mdmk - thx for scotch+dry
dailydave - now i dont need to think in the shower i have ur fucken stupid list
--
_______________________________________________
Get a free @hellokitty.com, @mymelody.com, or @kuririnmail.com email account
today at www.sanriotown.com, and enjoy 500MB of storage!
Check out our official blog @ http://blog.hellokitty.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists