Vulnerabilities > CVE-2008-3215 - Resource Management Errors vulnerability in Clam Anti-Virus Clamav

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
clam-anti-virus
CWE-399
nessus
NVD
Published: 2008-07-18
Updated: 2017-08-08

Summary

libclamav/petite.c in ClamAV before 0.93.3 allows remote attackers to cause a denial of service via a malformed Petite file that triggers an out-of-bounds memory access. NOTE: this issue exists because of an incomplete fix for CVE-2008-2713.

Vulnerable Configurations

Part Description Count
Application
Clam_Anti-Virus
19

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-6422.NASL
    descriptionBackport upstream fix for CVE-2008-2713 (0.93.1) and fix for incomplete fix of CVE-2008-2713 (0.93.2). Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id33537
    published2008-07-18
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/33537
    titleFedora 8 : clamav-0.92.1-3.fc8 (2008-6422)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1616.NASL
    descriptionDamian Put discovered a vulnerability in the ClamAV anti-virus toolkit
    last seen2020-06-01
    modified2020-06-02
    plugin id33568
    published2008-07-24
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/33568
    titleDebian DSA-1616-2 : clamav - denial of service
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2008-166.NASL
    descriptionAn incomplete fix for CVE-2008-2713 resulted in remote attackers being able to cause a denial of service via a malformed Petite file that triggered an out-of-bounds memory access (CVE-2008-3215). This issue is corrected with the 0.93.3 release which is being provided.
    last seen2020-06-01
    modified2020-06-02
    plugin id38014
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/38014
    titleMandriva Linux Security Advisory : clamav (MDVSA-2008:166)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200808-07.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200808-07 (ClamAV: Multiple Denials of Service) Damian Put has discovered an out-of-bounds memory access while processing Petite files (CVE-2008-2713, CVE-2008-3215). Also, please note that the 0.93 ClamAV branch fixes the first of the two attack vectors of CVE-2007-6595 concerning an insecure creation of temporary files vulnerability. The sigtool attack vector seems still unfixed. Impact : A remote attacker could entice a user or automated system to scan a specially crafted Petite file, possibly resulting in a Denial of Service (daemon crash). Also, the insecure creation of temporary files vulnerability can be triggered by a local user to perform a symlink attack. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id33853
    published2008-08-10
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/33853
    titleGLSA-200808-07 : ClamAV: Multiple Denials of Service
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2008-006.NASL
    descriptionThe remote host is running a version of Mac OS X 10.4 that does not have the security update 2008-006 applied. This update contains security fixes for a number of programs.
    last seen2020-06-01
    modified2020-06-02
    plugin id34210
    published2008-09-16
    reporterThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34210
    titleMac OS X Multiple Vulnerabilities (Security Update 2008-006)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-6338.NASL
    descriptionUpdate to upstream version 0.93.3, fixing previously incomplete fix for CVE-2008-2713. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id33536
    published2008-07-18
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/33536
    titleFedora 9 : clamav-0.93.3-1.fc9 (2008-6338)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_5_5.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5.x that is prior to 10.5.5. Mac OS X 10.5.5 contains security fixes for a number of programs.
    last seen2020-06-01
    modified2020-06-02
    plugin id34211
    published2008-09-16
    reporterThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34211
    titleMac OS X 10.5.x < 10.5.5 Multiple Vulnerabilities

References