Results 1 to 3 of 3

Thread: [SOLVED] Clamav Security Alert

  1. 09-15-2008, 01:54 PM #1
    glitch23
    glitch23 is offline Special Member
    Join Date
    Jul 2006
    Location
    New York, NY
    Posts
    122
    Rep Power
    7

    Exclamation [SOLVED] Clamav Security Alert

    Vulnerability Summary for CVE-2008-1389

    Original release date:09/04/2008
    Last revised:09/11/2008
    Source: US-CERT/NIST
    Static Link: National Vulnerability Database (NVD)National Vulnerability Database (CVE-2008-1389)
    Overview

    libclamav/chmunpack.c in the chm-parser in ClamAV before 0.94 allows remote attackers to cause a denial of service (application crash) via a malformed CHM file, related to an "invalid memory access."

    Impact

    CVSS Severity (version 2.0):
    CVSS v2 Base Score:5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:N/A:P) (legend)
    Impact Subscore: 2.9
    Exploitability Subscore: 10.0
    CVSS Version 2 Metrics:
    Access Vector: Network exploitable
    Access Complexity: Low
    Authentication: Not required to exploit
    Impact Type: Allows disruption of serviceUnknown

    National Vulnerability Database (NVD)National Vulnerability Database ()
    Because we all can't be geniuses, I'll go first.
    Reply With Quote Reply With Quote
  2. 09-15-2008, 02:15 PM #2
    mmorse's Avatar
    mmorse
    mmorse is offline Moderator
    Send a message via ICQ to mmorse Send a message via AIM to mmorse Send a message via MSN to mmorse Send a message via Yahoo to mmorse Send a message via Skype™ to mmorse
    Join Date
    May 2006
    Location
    USA
    Posts
    6,241
    Rep Power
    20

    Default

    This appears to have been addressed in July/August updates:

    https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1089
    Comment #12 From Tomasz Kojm 2008-08-12 11:04:11 [reply] -------
    Hi Hanno, the affected module was remotely disabled last month. The fix will be included in 0.94-final (planned on Sept 1, 2008).
    clamav: Crash with crafted chm, CVE-2008-1389
    2008-07-09: clamav bug opened
    unknown date: clamav disables chm-parser through freshclam
    2008-09-02 Vendor releases 0.94
    2008-09-04 Released this advisory
    Bug 31258 - Upgrade to ClamAV 0.94
    -Mike Morse (MCode151)

    ZCS-to-ZCS Migrations & Moves | Admin Tools & Tidbits » ZimbraBlog.com | ZimbraCommunity.com
    Reply With Quote Reply With Quote
  3. 09-15-2008, 02:47 PM #3
    glitch23
    glitch23 is offline Special Member
    Join Date
    Jul 2006
    Location
    New York, NY
    Posts
    122
    Rep Power
    7

    Default

    Correct, I forgot to add that link in the first post. I just know that we currently use clamav_93.3
    Because we all can't be geniuses, I'll go first.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] Zimbra logwatch.
    By nishith in forum Administrators
    Replies: 5
    Last Post: 06-10-2009, 04:42 PM
  2. high security alert downloading attachments
    By freshfitz in forum Installation
    Replies: 1
    Last Post: 07-09-2008, 09:14 PM
  3. DelegateAuth in audit.log
    By Krishopper in forum Administrators
    Replies: 2
    Last Post: 05-17-2007, 05:08 AM
  4. Security Vulnerability Alert
    By jholder in forum Announcements
    Replies: 0
    Last Post: 04-21-2007, 01:34 PM
  5. Zimbra ClamAV Security Updates?
    By jdell in forum Administrators
    Replies: 13
    Last Post: 03-05-2007, 08:12 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules