Thread: [SOLVED] Clamav Security Alert

  1. #1

    [SOLVED] Clamav Security Alert

    Vulnerability Summary for CVE-2008-1389

    Original release date: 09/04/2008
    Last revised: 09/11/2008
    Source: US-CERT/NIST
    Static Link: National Vulnerability Database (NVD) (CVE-2008-1389)
    Overview

    libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."

    Impact

    CVSS Severity (version 2.0):
    CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P)
    Impact Subscore: 2.9
    Exploitability Subscore: 10.0
    CVSS Version 2 Metrics:
    Access Vector: Network exploitable
    Access Complexity: Low
    Authentication: Not required to exploit
    Impact Type: Allows disruption of service

    Because we all can't be geniuses, I'll go first.

  2. #2

    This appears to have been addressed in July/August updates:

    https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1089
    Comment #12 From Tomasz Kojm 2008-08-12 11:04:11
    Hi Hanno, the affected module was remotely disabled last month. The fix will be included in 0.94-final (planned on Sept 1, 2008).
    clamav: Crash with crafted chm, CVE-2008-1389
    2008-07-09: clamav bug opened
    unknown date: clamav disables chm-parser through freshclam
    2008-09-02 Vendor releases 0.94
    2008-09-04 Released this advisory
    Bug 31258 - Upgrade to ClamAV 0.94

  3. #3

    Correct, I forgot to add that link in the first post. I just know that we currently use clamav_93.3
    Because we all can't be geniuses, I'll go first.
