Vulnerabilities > CVE-2005-1922 - Unspecified vulnerability in Clam Anti-Virus Clamav

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
clam-anti-virus
nessus

Summary

The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.

Nessus

  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_6D18FE19EE6711D983100001020EED82.NASL
    descriptionAn iDEFENSE Security Advisory reports : Remote exploitation of an input validation error in Clam AntiVirus ClamAV allows attackers to cause a denial of service condition. The vulnerability specifically exists due to improper behavior during exceptional conditions. Successful exploitation allows attackers to exhaust file descriptors pool and memory. Anti-virus detection functionality will fail if there is no file descriptors available with which to open files. Remote exploitation can be achieved by sending a malicious file in an e-mail message or during an HTTP session.
    last seen2020-06-01
    modified2020-06-02
    plugin id18975
    published2005-07-13
    reporterThis script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/18975
    titleFreeBSD : clamav -- MS-Expand file handling DoS vulnerability (6d18fe19-ee67-11d9-8310-0001020eed82)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-773.NASL
    descriptionThis advisory adds security support for the stable amd64 distribution. It covers all security updates since the release of sarge, which were missing updated packages for the not yet official amd64 port. Future security advisories will include updates for this port as well.
    last seen2020-06-01
    modified2020-06-02
    plugin id57528
    published2012-01-12
    reporterThis script is Copyright (C) 2012-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/57528
    titleDebian DSA-773-1 : amd64 - several vulnerabilities
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-737.NASL
    descriptionA number of potential remote denial of service vulnerabilities have been identified in ClamAV. In addition to the four issues identified by CVE ID above, there are fixes for issues in libclamav/cvd.c and libclamav/message.c. Together, these issues could allow a carefully crafted message to crash a ClamAV scanner or exhaust various resources on the machine running the scanner.
    last seen2020-06-01
    modified2020-06-02
    plugin id18629
    published2005-07-06
    reporterThis script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/18629
    titleDebian DSA-737-1 : clamav - remote denial of service