Vulnerabilities > CVE-2008-2713 - Resource Management Errors vulnerability in Clam Anti-Virus Clamav
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_0_CLAMAV-080711.NASL description This update brings clamav to version 0.93.3. It lists CVE-2008-2713 as fixed, but this was fixed in 0.93.1 already, but not mentioned. The update contains stability and bugfixes. last seen 2020-06-01 modified 2020-06-02 plugin id 39930 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39930 title openSUSE Security Update : clamav (clamav-85) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update clamav-85. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(39930); script_version("1.10"); script_cvs_date("Date: 2019/10/25 13:36:31"); script_cve_id("CVE-2008-2713"); script_name(english:"openSUSE Security Update : clamav (clamav-85)"); script_summary(english:"Check for the clamav-85 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update brings clamav to version 0.93.3. It lists CVE-2008-2713 as fixed, but this was fixed in 0.93.1 already, but not mentioned. The update contains stability and bugfixes." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=406994" ); script_set_attribute( attribute:"solution", value:"Update the affected clamav packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav-db"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0"); script_set_attribute(attribute:"patch_publication_date", value:"2008/07/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.0", reference:"clamav-0.93.3-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"clamav-db-0.93.3-0.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav"); }NASL family Fedora Local Security Checks NASL id FEDORA_2008-6422.NASL description Backport upstream fix for CVE-2008-2713 (0.93.1) and fix for incomplete fix of CVE-2008-2713 (0.93.2). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 33537 published 2008-07-18 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33537 title Fedora 8 : clamav-0.92.1-3.fc8 (2008-6422) NASL family SuSE Local Security Checks NASL id SUSE_CLAMAV-5416.NASL description This update brings clamav to version 0.93.3. It lists CVE-2008-2713 as fixed, but this was fixed in 0.93.1 already, but not mentioned. The update contains stability and bugfixes. last seen 2020-06-01 modified 2020-06-02 plugin id 33503 published 2008-07-15 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33503 title SuSE 10 Security Update : clamav (ZYPP Patch Number 5416) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1616.NASL description Damian Put discovered a vulnerability in the ClamAV anti-virus toolkit last seen 2020-06-01 modified 2020-06-02 plugin id 33568 published 2008-07-24 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33568 title Debian DSA-1616-2 : clamav - denial of service NASL family SuSE Local Security Checks NASL id SUSE_CLAMAV-5414.NASL description This update brings clamav to version 0.93.3. It lists CVE-2008-2713 as fixed, but this was fixed in 0.93.1 already, but not mentioned. The update contains stability and bugfixes. last seen 2020-06-01 modified 2020-06-02 plugin id 33502 published 2008-07-15 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33502 title openSUSE 10 Security Update : clamav (clamav-5414) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-166.NASL description An incomplete fix for CVE-2008-2713 resulted in remote attackers being able to cause a denial of service via a malformed Petite file that triggered an out-of-bounds memory access (CVE-2008-3215). This issue is corrected with the 0.93.3 release which is being provided. last seen 2020-06-01 modified 2020-06-02 plugin id 38014 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/38014 title Mandriva Linux Security Advisory : clamav (MDVSA-2008:166) NASL family SuSE Local Security Checks NASL id SUSE_CLAMAV-5359.NASL description Clamav was updated to version 0.93.1. It fixes various bugs and one security issue : - libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. (CVE-2008-2713) last seen 2020-06-01 modified 2020-06-02 plugin id 33385 published 2008-07-02 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33385 title SuSE 10 Security Update : clamav (ZYPP Patch Number 5359) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200808-07.NASL description The remote host is affected by the vulnerability described in GLSA-200808-07 (ClamAV: Multiple Denials of Service) Damian Put has discovered an out-of-bounds memory access while processing Petite files (CVE-2008-2713, CVE-2008-3215). Also, please note that the 0.93 ClamAV branch fixes the first of the two attack vectors of CVE-2007-6595 concerning an insecure creation of temporary files vulnerability. The sigtool attack vector seems still unfixed. Impact : A remote attacker could entice a user or automated system to scan a specially crafted Petite file, possibly resulting in a Denial of Service (daemon crash). Also, the insecure creation of temporary files vulnerability can be triggered by a local user to perform a symlink attack. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 33853 published 2008-08-10 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33853 title GLSA-200808-07 : ClamAV: Multiple Denials of Service NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-122.NASL description A vulnerability was discovered in ClamAV and corrected with the 0.93.1 release : libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. (CVE-2008-2713) Other bugs have also been corrected in 0.93.1 which is being provided with this update. last seen 2020-06-01 modified 2020-06-02 plugin id 37440 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/37440 title Mandriva Linux Security Advisory : clamav (MDVSA-2008:122) NASL family SuSE Local Security Checks NASL id SUSE_CLAMAV-5356.NASL description This update brings clamav to version 0.93.1. It fixes various bugs and one security issue : CVE-2008-2713: libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. last seen 2020-06-01 modified 2020-06-02 plugin id 33384 published 2008-07-02 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33384 title openSUSE 10 Security Update : clamav (clamav-5356) NASL family Fedora Local Security Checks NASL id FEDORA_2008-5476.NASL description This update fixes : - Bug #451761 - CVE-2008-2713 clamav: DoS / crash via crafted petite file Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 33235 published 2008-06-24 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33235 title Fedora 9 : clamav-0.93.1-1.fc9 (2008-5476) NASL family SuSE Local Security Checks NASL id SUSE_11_0_CLAMAV-080617.NASL description This update brings clamav to version 0.93.1. It fixes various bugs and one security issue : CVE-2008-2713: libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. last seen 2020-06-01 modified 2020-06-02 plugin id 39929 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39929 title openSUSE Security Update : clamav (clamav-44) NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2008-006.NASL description The remote host is running a version of Mac OS X 10.4 that does not have the security update 2008-006 applied. This update contains security fixes for a number of programs. last seen 2020-06-01 modified 2020-06-02 plugin id 34210 published 2008-09-16 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34210 title Mac OS X Multiple Vulnerabilities (Security Update 2008-006) NASL family Fedora Local Security Checks NASL id FEDORA_2008-6338.NASL description Update to upstream version 0.93.3, fixing previously incomplete fix for CVE-2008-2713. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 33536 published 2008-07-18 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33536 title Fedora 9 : clamav-0.93.3-1.fc9 (2008-6338) NASL family SuSE Local Security Checks NASL id SUSE9_12201.NASL description This update brings clamav to version 0.93.3. It lists CVE-2008-2713 as fixed, but this was fixed in 0.93.1 already, but not mentioned. The update contains stability and bugfixes. last seen 2020-06-01 modified 2020-06-02 plugin id 41222 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41222 title SuSE9 Security Update : clamav (YOU Patch Number 12201) NASL family MacOS X Local Security Checks NASL id MACOSX_10_5_5.NASL description The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.5. Mac OS X 10.5.5 contains security fixes for a number of programs. last seen 2020-06-01 modified 2020-06-02 plugin id 34211 published 2008-09-16 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34211 title Mac OS X 10.5.x < 10.5.5 Multiple Vulnerabilities
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 29750 CVE(CAN) ID: CVE-2008-2713 Clam AntiVirus是Unix的GPL杀毒工具包,很多邮件网关产品都在使用。 ClamAV的libclamav/petite.c文件中存在拒绝服务漏洞,如果用户受骗打开了特制的Petite加壳可执行程序的话,就会在以下代码段的memcpy()中触发越界读取,导致拒绝服务的情况: cli_writeint32(curpe+0x24, 0xffffffff); memcpy(pefile+rawbase, buffer+sections[i].raw, sections[i].rsz); rawbase+=PESALIGN(sections[i].rsz, 0x200); curpe+=40; datasize+=PESALIGN(sections[i].vsz, 0x1000); ClamAV < 0.93.1 ClamAV ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href=http://svn.clamav.net/websvn/diff.php?repname=clamav-devel&path=/branches/0.93/libclamav/petite.c&rev=3886 target=_blank>http://svn.clamav.net/websvn/diff.php?repname=clamav-devel&path=/branches/0.93/libclamav/petite.c&rev=3886</a> |
| id | SSV:3439 |
| last seen | 2017-11-19 |
| modified | 2008-06-20 |
| published | 2008-06-20 |
| reporter | Root |
| title | ClamAV petite.c无效内存访问绝服务漏洞 |
References
- http://kolab.org/security/kolab-vendor-notice-21.txt
- http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html
- http://secunia.com/advisories/30657
- http://secunia.com/advisories/30785
- http://secunia.com/advisories/30829
- http://secunia.com/advisories/30967
- http://secunia.com/advisories/31091
- http://secunia.com/advisories/31167
- http://secunia.com/advisories/31206
- http://secunia.com/advisories/31437
- http://secunia.com/advisories/31576
- http://secunia.com/advisories/31882
- http://security.gentoo.org/glsa/glsa-200808-07.xml
- http://sourceforge.net/project/shownotes.php?release_id=605577&group_id=86638
- http://svn.clamav.net/websvn/diff.php?repname=clamav-devel&path=/branches/0.93/libclamav/petite.c&rev=3886
- http://up2date.astaro.com/2008/08/up2date_asg_v7300_ga_released.html
- http://www.debian.org/security/2008/dsa-1616
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:122
- http://www.openwall.com/lists/oss-security/2008/06/15/2
- http://www.openwall.com/lists/oss-security/2008/06/17/8
- http://www.securityfocus.com/bid/29750
- http://www.securitytracker.com/id?1020305
- http://www.us-cert.gov/cas/techalerts/TA08-260A.html
- http://www.vupen.com/english/advisories/2008/1855/references
- http://www.vupen.com/english/advisories/2008/2584
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43133
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00617.html
- https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00763.html
- https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1000