Vulnerabilities > CVE-2005-2920 - Unspecified vulnerability in Clam Anti-Virus Clamav
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN clam-anti-virus
nessus
Summary
Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable.
Vulnerable Configurations
Nessus
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-824.NASL description Two vulnerabilities have been discovered in Clam AntiVirus, the antivirus scanner for Unix, designed for integration with mail servers to perform attachment scanning. The following problems were identified : - CAN-2005-2919 A potentially infinite loop could lead to a denial of service. - CAN-2005-2920 A buffer overflow could lead to a denial of service. last seen 2020-06-01 modified 2020-06-02 plugin id 19793 published 2005-10-05 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19793 title Debian DSA-824-1 : clamav - infinite loop, buffer overflow NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200509-13.NASL description The remote host is affected by the vulnerability described in GLSA-200509-13 (Clam AntiVirus: Multiple vulnerabilities) Clam AntiVirus is vulnerable to a buffer overflow in last seen 2020-06-01 modified 2020-06-02 plugin id 19812 published 2005-10-05 reporter This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/19812 title GLSA-200509-13 : Clam AntiVirus: Multiple vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_SA_2005_055.NASL description The remote host is missing the patch for the advisory SUSE-SA:2005:055 (clamav). This update upgrades clamav to version 0.87. It fixes vulnerabilities in handling of UPX and FSG compressed executables, which could lead to a remote attacker executing code within the daemon using clamav. These are tracked by the Mitre CVE IDs CVE-2005-2919 and CVE-2005-2920. Also following bugs were fixed: - Support for PE files, Zip and Cabinet archives has been improved and other small bugfixes have been made. - The new option last seen 2019-10-28 modified 2005-10-05 plugin id 19934 published 2005-10-05 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19934 title SUSE-SA:2005:055: clamav NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2005-166.NASL description A vulnerability was discovered in ClamAV versions prior to 0.87. A buffer overflow could occure when processing malformed UPX-packed executables. As well, it could be sent into an infinite loop when processing specially crafted FSG-packed executables. ClamAV version 0.87 is provided with this update which isn last seen 2020-06-01 modified 2020-06-02 plugin id 19921 published 2005-10-05 reporter This script is Copyright (C) 2005-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/19921 title Mandrake Linux Security Advisory : clamav (MDKSA-2005:166) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_271498A92CD411DAA2630001020EED82.NASL description Gentoo Linux Security Advisory reports : Clam AntiVirus is vulnerable to a buffer overflow in last seen 2020-06-01 modified 2020-06-02 plugin id 21403 published 2006-05-13 reporter This script is Copyright (C) 2006-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/21403 title FreeBSD : clamav -- arbitrary code execution and DoS vulnerabilities (271498a9-2cd4-11da-a263-0001020eed82)
References
- http://sourceforge.net/project/shownotes.php?release_id=356974
- http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml
- http://www.debian.org/security/2005/dsa-824
- http://www.kb.cert.org/vuls/id/363713
- http://secunia.com/advisories/16989
- http://www.novell.com/linux/security/advisories/2005_55_clamav.html
- http://www.securityfocus.com/bid/14866
- http://www.osvdb.org/19506
- http://secunia.com/advisories/16848
- http://www.vupen.com/english/advisories/2005/1774
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22307