[<prev] [next>] [day] [month] [year] [list]
Message-Id: <200804151207.46257.hanno@hboeck.de>
Date: Tue, 15 Apr 2008 12:07:43 +0200
From: Hanno Böck <hanno@...eck.de>
To: oss-security@...ts.openwall.com, coley@...re.org
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: clamav: Endless loop / hang with crafter arj,
CVE-2008-1387
Advisory published at:
http://int21.de/cve/CVE-2008-1387-clamav.html
clamav: Endless loop / hang with crafter arj, CVE-2008-1387
References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1387
http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog
http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html
Description
CERT-FI published an advisory with a large number of samples of crafted
archives.
The file with the md5sum b6046d890e6bd304e3756c88b989559a (named
b6046d890e6bd304e3756c88b989559a.arj) hangs clamav with high load.
If you're running clamav on a mailserver, an attacker can DoS your Server
remotely by sending some mails with the archive attached.
Workaround/Fix
clamav 0.93 fixes this issue beside other security issues, if you're running
clamav you should upgrade as soon as possible.
Disclosure Timeline
2008-03-17 CERT-FI publishes advisory
2008-03-26 Vendor contacted
2008-03-27 Vendor approves issue
2008-04-14 Vendor releases 0.93
2008-04-16 Advisory published
CVE Information
The Common Vulnerabilities and Exposures (CVE) project has assigned the name
CVE-2008-1387 to this issue. This is a candidate for inclusion in the CVE
list (http://cve.mitre.org/), which standardizes names for security problems.
Credits and copyright
This vulnerability was discovered by Hanno Boeck of schokokeks.org webhosting.
It's licensed under the creative commons attribution license.
Hanno Boeck, 2008-04-16, http://www.hboeck.de
--
Hanno Böck Blog: http://www.hboeck.de/
GPG: 3DBD3B20 Jabber/Mail: hanno@...eck.de
Download attachment "signature.asc " of type "application/pgp-signature" (198 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists