Vulnerabilities > CVE-2005-0218 - Unspecified vulnerability in Clam Anti-Virus Clamav

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

ClamAV 0.80 and earlier allows remote attackers to bypass virus scanning via a base64 encoded image in a data: (RFC 2397) URL.

Nessus

  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200501-46.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200501-46 (ClamAV: Multiple issues) ClamAV fails to properly scan ZIP files with special headers (CAN-2005-0133) and base64 encoded images in URLs. Impact : By sending a base64 encoded image file in a URL an attacker could evade virus scanning. By sending a specially crafted ZIP file an attacker could cause a Denial of Service by crashing the clamd daemon. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id16437
    published2005-02-14
    reporterThis script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/16437
    titleGLSA-200501-46 : ClamAV: Multiple issues
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200501-46.
    #
    # The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(16437);
      script_version("1.17");
      script_cvs_date("Date: 2019/08/02 13:32:42");
    
      script_cve_id("CVE-2005-0133", "CVE-2005-0218");
      script_xref(name:"GLSA", value:"200501-46");
    
      script_name(english:"GLSA-200501-46 : ClamAV: Multiple issues");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200501-46
    (ClamAV: Multiple issues)
    
        ClamAV fails to properly scan ZIP files with special headers
        (CAN-2005-0133) and base64 encoded images in URLs.
      
    Impact :
    
        By sending a base64 encoded image file in a URL an attacker could evade
        virus scanning. By sending a specially crafted ZIP file an attacker
        could cause a Denial of Service by crashing the clamd daemon.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      # http://sourceforge.net/forum/forum.php?forum_id=440649
      script_set_attribute(
        attribute:"see_also",
        value:"https://sourceforge.net/p/legacy_/forum/forum.php?forum_id=440649"
      );
      # http://secunia.com/advisories/13900/
      script_set_attribute(
        attribute:"see_also",
        value:"https://secuniaresearch.flexerasoftware.com/advisories/13900/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200501-46"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All ClamAV users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=app-antivirus/clamav-0.81'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:clamav");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2005/01/31");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/14");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"app-antivirus/clamav", unaffected:make_list("ge 0.81"), vulnerable:make_list("le 0.80"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ClamAV");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRAKE_MDKSA-2005-025.NASL
    descriptionTwo problems were discovered in versions of clamav prior to 0.81. An attacker could evade virus scanning by sending a base64-encoded imaege file in a URL. Also, by sending a specially crafted ZIP file, an attacker could cause a DoS (Denial of Service) by crashing the clamd daemon.
    last seen2020-06-01
    modified2020-06-02
    plugin id16291
    published2005-02-02
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/16291
    titleMandrake Linux Security Advisory : clamav (MDKSA-2005:025)
    code
    #%NASL_MIN_LEVEL 80502
    
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Mandrake Linux Security Advisory MDKSA-2005:025. 
    # The text itself is copyright (C) Mandriva S.A.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(16291);
      script_version ("1.18");
      script_cvs_date("Date: 2019/08/02 13:32:47");
    
      script_cve_id("CVE-2005-0133", "CVE-2005-0218");
      script_xref(name:"MDKSA", value:"2005:025");
    
      script_name(english:"Mandrake Linux Security Advisory : clamav (MDKSA-2005:025)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Mandrake Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Two problems were discovered in versions of clamav prior to 0.81. An
    attacker could evade virus scanning by sending a base64-encoded imaege
    file in a URL. Also, by sending a specially crafted ZIP file, an
    attacker could cause a DoS (Denial of Service) by crashing the clamd
    daemon."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://secunia.com/advisories/13900/"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:clamav");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:clamav-db");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:clamav-milter");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64clamav1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64clamav1-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libclamav1");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libclamav1-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:mandrakesoft:mandrake_linux:10.1");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2005/01/31");
      script_set_attribute(attribute:"plugin_publication_date", value:"2005/02/02");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.");
      script_family(english:"Mandriva Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux");
    if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"MDK10.1", reference:"clamav-0.81-0.2.101mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", reference:"clamav-db-0.81-0.2.101mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", reference:"clamav-milter-0.81-0.2.101mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64clamav1-0.81-0.2.101mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", cpu:"x86_64", reference:"lib64clamav1-devel-0.81-0.2.101mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"libclamav1-0.81-0.2.101mdk", yank:"mdk")) flag++;
    if (rpm_check(release:"MDK10.1", cpu:"i386", reference:"libclamav1-devel-0.81-0.2.101mdk", yank:"mdk")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");