[<prev] [next>] [day] [month] [year] [list]
Message-id: <E1JmeOW-0005vl-Jw@titan.mandriva.com>
Date: Thu, 17 Apr 2008 18:24:00 -0600
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2008:088 ] - Updated clamav packages fix
multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2008:088
http://www.mandriva.com/security/
_______________________________________________________________________
Package : clamav
Date : April 17, 2008
Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities were discovered in ClamAV and corrected with
the 0.93 release, including:
ClamAV 0.92 allowed local users to overwrite arbitrary files via
a symlink attack on temporary files or on .ascii files in sigtool,
when utf16-decode is enabled (CVE-2007-6595).
A heap-based buffer overflow in ClamAV 0.92.1 allowed remote attackers
to execute arbitrary code via a crafted PeSpin packed PE binary
(CVE-2008-0314).
An integer overflow in libclamav prior to 0.92.1 allowed remote
attackers to cause a denial of service and possibly execute arbitrary
code via a crafted Petite packed PE file, which triggered a heap-based
buffer overflow (CVE-2008-0318).
An unspecified vulnerability in ClamAV prior to 0.92.1 triggered heap
corruption (CVE-2008-0728).
A buffer overflow in ClamAV 0.92 and 0.92.1 allowed remote attackers
to execute arbitrary code via a crafted Upack PE file (CVE-2008-1100).
ClamAV prior to 0.93 allowed remote attackers to cause a denial of
service (CPU consumption) via a crafted ARJ archive (CVE-2008-1387).
A heap-based buffer overflow in ClamAV 0.92.1 allowed remote attackers
to execute arbitrary code via a crafted WWPack compressed PE binary
(CVE-2008-1833).
ClamAV prior to 0.93 allowed remote attackers to bypass the scanning
engine via a RAR file with an invalid version number (CVE-2008-1835).
A vulnerability in rfc2231 handling in ClamAV prior to 0.93 allowed
remote attackers to cause a denial of service (crash) via a crafted
message that produced a string that was not null terminated, triggering
a buffer over-read (CVE-2008-1836).
A vulnerability in libclamunrar in ClamAV prior to 0.93 allowed remote
attackers to cause a denial of service (crash) via a crafted RAR file
(CVE-2008-1837).
Other bugs have also been corrected in 0.93 which is being provided
with this update. Because this new version has increased the major
of the libclamav library, updated dependent packages are also being
provided.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0314
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0318
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1100
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1387
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1833
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1835
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1836
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1837
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2007.1:
c05a81dbd14d6c600e832d9381037042 2007.1/i586/clamav-0.93-1.1mdv2007.1.i586.rpm
db2c84320facc592ffe2c09712b9b971 2007.1/i586/clamav-db-0.93-1.1mdv2007.1.i586.rpm
3699f176cd5b553fec2c42d3ee8e43a2 2007.1/i586/clamav-milter-0.93-1.1mdv2007.1.i586.rpm
58e25a7f7c238bfcccf0deb302a154c7 2007.1/i586/clamd-0.93-1.1mdv2007.1.i586.rpm
365ea7e5fb57bff918f91b7a095972da 2007.1/i586/clamdmon-0.93-1.1mdv2007.1.i586.rpm
1ed1a2b923cb5b628677063fe1463a4f 2007.1/i586/libclamav4-0.93-1.1mdv2007.1.i586.rpm
b306ef4cb237f3ae238b2e08c3cca027 2007.1/i586/libclamav-devel-0.93-1.1mdv2007.1.i586.rpm
ae5b6bf4ece14eb185ad483b28db3482 2007.1/SRPMS/clamav-0.93-1.1mdv2007.1.src.rpm
Mandriva Linux 2007.1/X86_64:
a314a7aa7623cb8f41268b5325ca08d9 2007.1/x86_64/clamav-0.93-1.1mdv2007.1.x86_64.rpm
0a7d575891f7557802538686a9db7545 2007.1/x86_64/clamav-db-0.93-1.1mdv2007.1.x86_64.rpm
612941aaafc892e22a41cad2c36cd20e 2007.1/x86_64/clamav-milter-0.93-1.1mdv2007.1.x86_64.rpm
4a65cfc7d7a97e05e9e378ab9e0bcf06 2007.1/x86_64/clamd-0.93-1.1mdv2007.1.x86_64.rpm
45b344ea9cbe23009431a20db3daafaa 2007.1/x86_64/clamdmon-0.93-1.1mdv2007.1.x86_64.rpm
54e4b12eae908918f6d4af54f0b2d5cc 2007.1/x86_64/lib64clamav4-0.93-1.1mdv2007.1.x86_64.rpm
43c30707c55ef4c133d1ca2fbb160bb6 2007.1/x86_64/lib64clamav-devel-0.93-1.1mdv2007.1.x86_64.rpm
ae5b6bf4ece14eb185ad483b28db3482 2007.1/SRPMS/clamav-0.93-1.1mdv2007.1.src.rpm
Mandriva Linux 2008.0:
f75515856969d475a2867a6160582620 2008.0/i586/clamav-0.93-1.1mdv2008.0.i586.rpm
7070d5576d131fea390c83cbdd30333c 2008.0/i586/clamav-db-0.93-1.1mdv2008.0.i586.rpm
262802e3de79f9533a0b0c62d9d1ee52 2008.0/i586/clamav-milter-0.93-1.1mdv2008.0.i586.rpm
076a6d8a31fd1619ff1ddef8ffd1bd35 2008.0/i586/clamd-0.93-1.1mdv2008.0.i586.rpm
26f01fa17c005b3cb13725931ebe13b3 2008.0/i586/clamdmon-0.93-1.1mdv2008.0.i586.rpm
38bf9968cf43ec266a999dfded7aee93 2008.0/i586/klamav-0.42-1.1mdv2008.0.i586.rpm
5258cd6add37130c1a57b39f9f267352 2008.0/i586/libclamav4-0.93-1.1mdv2008.0.i586.rpm
4fe6ee0301ba35592474da4104e397c8 2008.0/i586/libclamav-devel-0.93-1.1mdv2008.0.i586.rpm
2c1996c405552074dd62b41709f1813c 2008.0/SRPMS/clamav-0.93-1.1mdv2008.0.src.rpm
1ebf15643ffcd4529b40bdda43b29ad3 2008.0/SRPMS/klamav-0.42-1.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
0bc656b56619edac79befcd6ec53c3aa 2008.0/x86_64/clamav-0.93-1.1mdv2008.0.x86_64.rpm
37f0ef87fea5cd6c308fc08d05424daa 2008.0/x86_64/clamav-db-0.93-1.1mdv2008.0.x86_64.rpm
e2a67e07d8004edde97885bf72a3691f 2008.0/x86_64/clamav-milter-0.93-1.1mdv2008.0.x86_64.rpm
5188e9cdded076959750aee1bad9c3bc 2008.0/x86_64/clamd-0.93-1.1mdv2008.0.x86_64.rpm
17078a967a86b8e2f5040cf5d9c0245c 2008.0/x86_64/clamdmon-0.93-1.1mdv2008.0.x86_64.rpm
b8ff5180ec750039d7c5f5100bbabebd 2008.0/x86_64/klamav-0.42-1.1mdv2008.0.x86_64.rpm
195724b3f050dd731a765e59436e9fe4 2008.0/x86_64/lib64clamav4-0.93-1.1mdv2008.0.x86_64.rpm
6285511ac80b0cac79f6cc2818113097 2008.0/x86_64/lib64clamav-devel-0.93-1.1mdv2008.0.x86_64.rpm
2c1996c405552074dd62b41709f1813c 2008.0/SRPMS/clamav-0.93-1.1mdv2008.0.src.rpm
1ebf15643ffcd4529b40bdda43b29ad3 2008.0/SRPMS/klamav-0.42-1.1mdv2008.0.src.rpm
Mandriva Linux 2008.1:
2291dc10dfa99af51d48b70f03da9fa7 2008.1/i586/clamav-0.93-1.1mdv2008.1.i586.rpm
e08e441ce02bb89bba6f623732306bd5 2008.1/i586/clamav-db-0.93-1.1mdv2008.1.i586.rpm
c410e5c2b1a201e06473e815ff4aa158 2008.1/i586/clamav-milter-0.93-1.1mdv2008.1.i586.rpm
fd7bbda7a9fab54a113480917b3c41da 2008.1/i586/clamd-0.93-1.1mdv2008.1.i586.rpm
67470d87ea76b57aaf661155488708f1 2008.1/i586/clamdmon-0.93-1.1mdv2008.1.i586.rpm
23a50fb03269c120caeabe858f59ee7a 2008.1/i586/dansguardian-2.9.9.2-4.1mdv2008.1.i586.rpm
b46316a4c2fb1ad6003dd40097de6b96 2008.1/i586/klamav-0.42-1.1mdv2008.1.i586.rpm
4b1801edc1f911495720dacd4cc6bb53 2008.1/i586/libclamav4-0.93-1.1mdv2008.1.i586.rpm
98fcb6acf0c7798df6d1cb3aa4b56c2f 2008.1/i586/libclamav-devel-0.93-1.1mdv2008.1.i586.rpm
a37b7a66fc50ba007970d77d138b7d3e 2008.1/SRPMS/clamav-0.93-1.1mdv2008.1.src.rpm
ba0171405e2d68adb7d8625537fa2453 2008.1/SRPMS/dansguardian-2.9.9.2-4.1mdv2008.1.src.rpm
02d57d169add2ffbb1af006449c98826 2008.1/SRPMS/klamav-0.42-1.1mdv2008.1.src.rpm
Mandriva Linux 2008.1/X86_64:
8786af4394da5e00505d3046a5bbd264 2008.1/x86_64/clamav-0.93-1.1mdv2008.1.x86_64.rpm
0252521a932b5f34dc2ee2c48d65ce9b 2008.1/x86_64/clamav-db-0.93-1.1mdv2008.1.x86_64.rpm
ebd8402e9726e03fcbd2f590b839b739 2008.1/x86_64/clamav-milter-0.93-1.1mdv2008.1.x86_64.rpm
fb45839a94f656144a35e7a1d7adeb92 2008.1/x86_64/clamd-0.93-1.1mdv2008.1.x86_64.rpm
010a98abf987f7af1002d8d4232a1829 2008.1/x86_64/clamdmon-0.93-1.1mdv2008.1.x86_64.rpm
35e1466c514926807357786f829fe4f3 2008.1/x86_64/dansguardian-2.9.9.2-4.1mdv2008.1.x86_64.rpm
0dd66bf9cba34d386ebf172de8644b3b 2008.1/x86_64/klamav-0.42-1.1mdv2008.1.x86_64.rpm
f324ff84c6d88e6777296a9442d07b0d 2008.1/x86_64/lib64clamav4-0.93-1.1mdv2008.1.x86_64.rpm
089e4aa77ab98bfe8fd1c0e3eb6e3127 2008.1/x86_64/lib64clamav-devel-0.93-1.1mdv2008.1.x86_64.rpm
a37b7a66fc50ba007970d77d138b7d3e 2008.1/SRPMS/clamav-0.93-1.1mdv2008.1.src.rpm
ba0171405e2d68adb7d8625537fa2453 2008.1/SRPMS/dansguardian-2.9.9.2-4.1mdv2008.1.src.rpm
02d57d169add2ffbb1af006449c98826 2008.1/SRPMS/klamav-0.42-1.1mdv2008.1.src.rpm
Corporate 3.0:
802a2269804bc78baf2c88401d24b400 corporate/3.0/i586/clamav-0.93-0.1.C30mdk.i586.rpm
39576ec6547553eba0db0ed0d9c42607 corporate/3.0/i586/clamav-db-0.93-0.1.C30mdk.i586.rpm
f7118f0c7fb44ae947b2930727b4997f corporate/3.0/i586/clamav-milter-0.93-0.1.C30mdk.i586.rpm
a16b22196f03442625ea857a7a3433ec corporate/3.0/i586/clamd-0.93-0.1.C30mdk.i586.rpm
989404f6f255353442f3c0502aada856 corporate/3.0/i586/clamdmon-0.93-0.1.C30mdk.i586.rpm
124ef95e67b55b9ce9ab1f4811be729e corporate/3.0/i586/libclamav4-0.93-0.1.C30mdk.i586.rpm
a5c1051a86e4e32b9ec9c9d572bf5a26 corporate/3.0/i586/libclamav-devel-0.93-0.1.C30mdk.i586.rpm
c6bfee93246e9ba87df2bf0e4a7214d9 corporate/3.0/SRPMS/clamav-0.93-0.1.C30mdk.src.rpm
Corporate 3.0/X86_64:
eba7a24e9512a9fba953ad7c149dfc2d corporate/3.0/x86_64/clamav-0.93-0.1.C30mdk.x86_64.rpm
607c373dee1c384de55e3c5b82b0944a corporate/3.0/x86_64/clamav-db-0.93-0.1.C30mdk.x86_64.rpm
d6276646656d6a3d03bb5e74678f378c corporate/3.0/x86_64/clamav-milter-0.93-0.1.C30mdk.x86_64.rpm
1da07994085e84c0950061aa12148a31 corporate/3.0/x86_64/clamd-0.93-0.1.C30mdk.x86_64.rpm
5c078fd76834ce112782b22effd23605 corporate/3.0/x86_64/clamdmon-0.93-0.1.C30mdk.x86_64.rpm
73d8f50b2e3b098d5d9e1b6b8bf901a2 corporate/3.0/x86_64/lib64clamav4-0.93-0.1.C30mdk.x86_64.rpm
9ee5c7d1f10df4538c0977e727f839ce corporate/3.0/x86_64/lib64clamav-devel-0.93-0.1.C30mdk.x86_64.rpm
c6bfee93246e9ba87df2bf0e4a7214d9 corporate/3.0/SRPMS/clamav-0.93-0.1.C30mdk.src.rpm
Corporate 4.0:
975e9550292dbff977188da05ea6dd64 corporate/4.0/i586/c-icap-client-210205-5.3.20060mlcs4.i586.rpm
35c665f9abf63806e3d151d93f282194 corporate/4.0/i586/c-icap-modules-210205-5.3.20060mlcs4.i586.rpm
45364ecd12c23c512c0c1293d95ba992 corporate/4.0/i586/c-icap-server-210205-5.3.20060mlcs4.i586.rpm
403db09e526eb4f2a74b7e73e9e538bf corporate/4.0/i586/clamav-0.93-0.1.20060mlcs4.i586.rpm
52afc940c587a9cccd24bc441c8e017c corporate/4.0/i586/clamav-db-0.93-0.1.20060mlcs4.i586.rpm
f37a5f71e31c1c933eed20146ca84f9d corporate/4.0/i586/clamav-milter-0.93-0.1.20060mlcs4.i586.rpm
d0b941d1ac03b72b3042c381dfd0a1c9 corporate/4.0/i586/clamd-0.93-0.1.20060mlcs4.i586.rpm
5192d4351a69efa83a8a9adb808a6b52 corporate/4.0/i586/clamdmon-0.93-0.1.20060mlcs4.i586.rpm
724a9e1b6ae07a18a636a10e5c5b7f0f corporate/4.0/i586/libc-icap0-210205-5.3.20060mlcs4.i586.rpm
5b373def54bd9bf9664f72f8ff8e235c corporate/4.0/i586/libc-icap0-devel-210205-5.3.20060mlcs4.i586.rpm
857bc30e1f4424b67e144788b55de384 corporate/4.0/i586/libclamav4-0.93-0.1.20060mlcs4.i586.rpm
5fa08b3ed8fe37c7674d9eabe2561dff corporate/4.0/i586/libclamav-devel-0.93-0.1.20060mlcs4.i586.rpm
285be2e785be1ceec6b9c35dd0247ddb corporate/4.0/i586/php-clamav-0.12a-8.3.20060mlcs4.i586.rpm
d74e50cb3179f83fe58e63aedf9d5716 corporate/4.0/SRPMS/c-icap-210205-5.3.20060mlcs4.src.rpm
79a48f32d7b18da918add4cfe33c4372 corporate/4.0/SRPMS/clamav-0.93-0.1.20060mlcs4.src.rpm
77478e71bb36a4c14412be4b9ae7ada9 corporate/4.0/SRPMS/php-clamav-0.12a-8.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
b162f8f3d8119408b6278898c2b74a66 corporate/4.0/x86_64/c-icap-client-210205-5.3.20060mlcs4.x86_64.rpm
f5572368d453aab6b8caae1c3ff9162a corporate/4.0/x86_64/c-icap-modules-210205-5.3.20060mlcs4.x86_64.rpm
02868c974ebd8c8b7457503c105a35e5 corporate/4.0/x86_64/c-icap-server-210205-5.3.20060mlcs4.x86_64.rpm
d296a9cba6b78e8efd40df7673f76bad corporate/4.0/x86_64/clamav-0.93-0.1.20060mlcs4.x86_64.rpm
d8f8d78a35cfc1c2659bad00da841b9c corporate/4.0/x86_64/clamav-db-0.93-0.1.20060mlcs4.x86_64.rpm
fa0e00380be1891d72f0bd8a9d50b4fb corporate/4.0/x86_64/clamav-milter-0.93-0.1.20060mlcs4.x86_64.rpm
caf8350354766ec9e9addfa890c59a92 corporate/4.0/x86_64/clamd-0.93-0.1.20060mlcs4.x86_64.rpm
469e48622bc724ee9c91d0db3fbc0be4 corporate/4.0/x86_64/clamdmon-0.93-0.1.20060mlcs4.x86_64.rpm
2efa92677aeadd30341f16031d87daf9 corporate/4.0/x86_64/lib64c-icap0-210205-5.3.20060mlcs4.x86_64.rpm
3fed3f44754620265f3321f363b476a9 corporate/4.0/x86_64/lib64c-icap0-devel-210205-5.3.20060mlcs4.x86_64.rpm
1175e8e9c1270a393973640d9aa9670c corporate/4.0/x86_64/lib64clamav4-0.93-0.1.20060mlcs4.x86_64.rpm
a8ed0a65912e7a08a933f50d6b6340a7 corporate/4.0/x86_64/lib64clamav-devel-0.93-0.1.20060mlcs4.x86_64.rpm
e8748e72f1ef3a66da6c211a02750c3b corporate/4.0/x86_64/php-clamav-0.12a-8.3.20060mlcs4.x86_64.rpm
d74e50cb3179f83fe58e63aedf9d5716 corporate/4.0/SRPMS/c-icap-210205-5.3.20060mlcs4.src.rpm
79a48f32d7b18da918add4cfe33c4372 corporate/4.0/SRPMS/clamav-0.93-0.1.20060mlcs4.src.rpm
77478e71bb36a4c14412be4b9ae7ada9 corporate/4.0/SRPMS/php-clamav-0.12a-8.3.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFIB76JmqjQ0CJFipgRAn04AJ46WWptK4y//tqHYzrcuinaLeDkzgCgr48q
is9c4i+E5CSZFt4GBzLqXbg=
=8Y0Q
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists