Vulnerabilities > CVE-2008-3215 - Resource Management Errors vulnerability in Clam Anti-Virus Clamav
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2008-6422.NASL description Backport upstream fix for CVE-2008-2713 (0.93.1) and fix for incomplete fix of CVE-2008-2713 (0.93.2). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 33537 published 2008-07-18 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33537 title Fedora 8 : clamav-0.92.1-3.fc8 (2008-6422) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1616.NASL description Damian Put discovered a vulnerability in the ClamAV anti-virus toolkit last seen 2020-06-01 modified 2020-06-02 plugin id 33568 published 2008-07-24 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/33568 title Debian DSA-1616-2 : clamav - denial of service NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-166.NASL description An incomplete fix for CVE-2008-2713 resulted in remote attackers being able to cause a denial of service via a malformed Petite file that triggered an out-of-bounds memory access (CVE-2008-3215). This issue is corrected with the 0.93.3 release which is being provided. last seen 2020-06-01 modified 2020-06-02 plugin id 38014 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/38014 title Mandriva Linux Security Advisory : clamav (MDVSA-2008:166) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200808-07.NASL description The remote host is affected by the vulnerability described in GLSA-200808-07 (ClamAV: Multiple Denials of Service) Damian Put has discovered an out-of-bounds memory access while processing Petite files (CVE-2008-2713, CVE-2008-3215). Also, please note that the 0.93 ClamAV branch fixes the first of the two attack vectors of CVE-2007-6595 concerning an insecure creation of temporary files vulnerability. The sigtool attack vector seems still unfixed. Impact : A remote attacker could entice a user or automated system to scan a specially crafted Petite file, possibly resulting in a Denial of Service (daemon crash). Also, the insecure creation of temporary files vulnerability can be triggered by a local user to perform a symlink attack. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 33853 published 2008-08-10 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33853 title GLSA-200808-07 : ClamAV: Multiple Denials of Service NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2008-006.NASL description The remote host is running a version of Mac OS X 10.4 that does not have the security update 2008-006 applied. This update contains security fixes for a number of programs. last seen 2020-06-01 modified 2020-06-02 plugin id 34210 published 2008-09-16 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34210 title Mac OS X Multiple Vulnerabilities (Security Update 2008-006) NASL family Fedora Local Security Checks NASL id FEDORA_2008-6338.NASL description Update to upstream version 0.93.3, fixing previously incomplete fix for CVE-2008-2713. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 33536 published 2008-07-18 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/33536 title Fedora 9 : clamav-0.93.3-1.fc9 (2008-6338) NASL family MacOS X Local Security Checks NASL id MACOSX_10_5_5.NASL description The remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.5. Mac OS X 10.5.5 contains security fixes for a number of programs. last seen 2020-06-01 modified 2020-06-02 plugin id 34211 published 2008-09-16 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34211 title Mac OS X 10.5.x < 10.5.5 Multiple Vulnerabilities
References
- http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
- http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html
- http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html
- http://lurker.clamav.net/message/20080707.155612.ad411b00.en.html
- http://lurker.clamav.net/message/20080707.155612.ad411b00.en.html
- http://secunia.com/advisories/31091
- http://secunia.com/advisories/31091
- http://secunia.com/advisories/31437
- http://secunia.com/advisories/31437
- http://secunia.com/advisories/31882
- http://secunia.com/advisories/31882
- http://security.gentoo.org/glsa/glsa-200808-07.xml
- http://security.gentoo.org/glsa/glsa-200808-07.xml
- http://svn.clamav.net/websvn/diff.php?repname=clamav-devel&path=/branches/0.93/libclamav/petite.c&rev=3920
- http://svn.clamav.net/websvn/diff.php?repname=clamav-devel&path=/branches/0.93/libclamav/petite.c&rev=3920
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:166
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:166
- http://www.openwall.com/lists/oss-security/2008/07/08/5
- http://www.openwall.com/lists/oss-security/2008/07/08/5
- http://www.openwall.com/lists/oss-security/2008/07/15/1
- http://www.openwall.com/lists/oss-security/2008/07/15/1
- http://www.us-cert.gov/cas/techalerts/TA08-260A.html
- http://www.us-cert.gov/cas/techalerts/TA08-260A.html
- http://www.vupen.com/english/advisories/2008/2584
- http://www.vupen.com/english/advisories/2008/2584
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44200
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44200
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00606.html
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00606.html
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00617.html
- https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00617.html
- https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1000#c4
- https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1000#c4