Vulnerabilities > CVE-2008-3914 - Information Exposure vulnerability in Clamav
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Subverting Environment Variable Values The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
- Footprinting An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
- Exploiting Trust in Client (aka Make the Client Invisible) An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
- Browser Fingerprinting An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
- Session Credential Falsification through Prediction This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2008-9644.NASL description Security fixes from upstream 0.94 and 0.94.1: CVE-2008-1389 (#461461): Invalid memory access in the CHM unpacker CVE-2008-3912 (#461461): Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory leak in the error code path in freshclam CVE-2008-3914 (#461461): Multiple file descriptor leaks on the error code path CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 34774 published 2008-11-16 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34774 title Fedora 9 : clamav-0.93.3-2.fc9 (2008-9644) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2008-9644. # include("compat.inc"); if (description) { script_id(34774); script_version ("1.16"); script_cvs_date("Date: 2019/08/02 13:32:28"); script_cve_id("CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914", "CVE-2008-5050"); script_bugtraq_id(30994, 31051, 32207); script_xref(name:"FEDORA", value:"2008-9644"); script_name(english:"Fedora 9 : clamav-0.93.3-2.fc9 (2008-9644)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Security fixes from upstream 0.94 and 0.94.1: CVE-2008-1389 (#461461): Invalid memory access in the CHM unpacker CVE-2008-3912 (#461461): Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory leak in the error code path in freshclam CVE-2008-3914 (#461461): Multiple file descriptor leaks on the error code path CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=461461" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=470783" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-November/016199.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?150bf4e7" ); script_set_attribute( attribute:"solution", value:"Update the affected clamav package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(119, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:clamav"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:9"); script_set_attribute(attribute:"patch_publication_date", value:"2008/11/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/11/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 9.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC9", reference:"clamav-0.93.3-2.fc9")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav"); }
NASL family Gain a shell remotely NASL id CLAMAV_0_94.NASL description According to its version, the clamd antivirus daemon on the remote host is earlier than 0.94. Such versions are affected by one or more of the following issues : - A segmentation fault can occur when processing corrupted LZH files. (Bug #1052) - Invalid memory access errors in last seen 2020-06-01 modified 2020-06-02 plugin id 35087 published 2008-12-11 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/35087 title ClamAV < 0.94 Multiple Vulnerabilities code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(35087); script_version("1.19"); script_cvs_date("Date: 2018/11/15 20:50:22"); script_cve_id( "CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914", "CVE-2008-6845" ); script_bugtraq_id(30994, 31051, 32752); script_name(english:"ClamAV < 0.94 Multiple Vulnerabilities"); script_summary(english:"Sends a VERSION command to clamd"); script_set_attribute(attribute:"synopsis", value:"The remote antivirus service is affected by multiple issues."); script_set_attribute(attribute:"description", value: "According to its version, the clamd antivirus daemon on the remote host is earlier than 0.94. Such versions are affected by one or more of the following issues : - A segmentation fault can occur when processing corrupted LZH files. (Bug #1052) - Invalid memory access errors in 'libclamav/chmunpack.c' when processing malformed CHM files may lead to a crash. (Bug #1089) - An out-of-memory null dereference issue exists in 'libclamav/message.c' / 'libclamav/mbox.c'. (Bug #1141) - Possible error path memory leaks exist in 'freshclam/manager.c'. (Bug #1141) - There is an invalid close on error path in 'shared/tar.c'. (Bug #1141) - There are multiple file descriptor leaks involving the 'error path' in 'libclamav/others.c' and 'libclamav/sis.c'. (Bug #1141)"); script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2008/Sep/56"); script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2008/Dec/110"); script_set_attribute(attribute:"see_also", value:"https://www.openwall.com/lists/oss-security/2008/09/03/2"); script_set_attribute(attribute:"see_also", value:"https://www.openwall.com/lists/oss-security/2008/09/04/13"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.clamav.net/show_bug.cgi?id=1052"); script_set_attribute(attribute:"see_also", value:"https://bugzilla.clamav.net/show_bug.cgi?id=1089"); # http://web.archive.org/web/20080723153709/http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?91209430"); # http://web.archive.org/web/20080917045035/http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=623661 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b818ae81"); script_set_attribute(attribute:"solution", value:"Upgrade to ClamAV 0.94 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(200, 399); script_set_attribute(attribute:"plugin_publication_date", value:"2008/12/11"); script_set_attribute(attribute:"potential_vulnerability", value:"true"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:clamav:clamav"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Gain a shell remotely"); script_copyright(english:"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc."); script_dependencies("find_service2.nasl"); script_require_keys("Settings/ParanoidReport"); script_require_ports("Services/clamd", 3310); exit(0); } include("audit.inc"); include("global_settings.inc"); # nb: banner checks of open source software are prone to false- # positives so only run the check if reporting is paranoid. if (report_paranoia < 2) audit(AUDIT_PARANOID); port = get_kb_item("Services/clamd"); if (!port) port = 3310; if (!get_port_state(port)) exit(0); # Establish a connection. soc = open_sock_tcp(port); if (!soc) exit(0); # Send a VERSION command. req = "VERSION"; send(socket:soc, data:req+'\r\n'); res = recv_line(socket:soc, length:128); if (!strlen(res) || "ClamAV " >!< res) exit(0); # Check the version. version = strstr(res, "ClamAV ") - "ClamAV "; if ("/" >< version) version = version - strstr(version, "/"); if (version =~ "^0\.(([0-9]|[0-8][0-9]|9[0-3])($|[^0-9])|94rc)") { if (report_verbosity) { report = string( "\n", "ClamAV version ", version, " appears to be running on the remote host based on\n", "the following response to a 'VERSION' command :\n", "\n", " ", res, "\n" ); security_hole(port:port, extra:report); } else security_hole(port); }
NASL family MacOS X Local Security Checks NASL id MACOSX_SECUPD2008-007.NASL description The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have the security update 2008-007 applied. This security update contains fixes for the following products : - Apache - Certificates - ClamAV - ColorSync - CUPS - Finder - launchd - libxslt - MySQL Server - Networking - PHP - Postfix - PSNormalizer - QuickLook - rlogin - Script Editor - Single Sign-On - Tomcat - vim - Weblog last seen 2020-06-01 modified 2020-06-02 plugin id 34374 published 2008-10-10 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34374 title Mac OS X Multiple Vulnerabilities (Security Update 2008-007) code # # (C) Tenable Network Security, Inc. # if (!defined_func("bn_random")) exit(0); if (NASL_LEVEL < 3004) exit(0); include("compat.inc"); if (description) { script_id(34374); script_version("1.31"); script_cvs_date("Date: 2018/07/14 1:59:35"); script_cve_id( "CVE-2007-2691", "CVE-2007-4850", "CVE-2007-5333", "CVE-2007-5342", "CVE-2007-5461", "CVE-2007-5969", "CVE-2007-6286", "CVE-2007-6420", "CVE-2008-0002", "CVE-2008-0226", "CVE-2008-0227", "CVE-2008-0674", "CVE-2008-1232", "CVE-2008-1389", "CVE-2008-1678", "CVE-2008-1767", "CVE-2008-1947", "CVE-2008-2079", "CVE-2008-2364", "CVE-2008-2370", "CVE-2008-2371", "CVE-2008-2712", "CVE-2008-2938", "CVE-2008-3294", "CVE-2008-3432", "CVE-2008-3641", "CVE-2008-3642", "CVE-2008-3643", "CVE-2008-3645", "CVE-2008-3646", "CVE-2008-3647", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914", "CVE-2008-4101", "CVE-2008-4211", "CVE-2008-4212", "CVE-2008-4214", "CVE-2008-4215" ); script_bugtraq_id( 24016, 26070, 26765, 27006, 27140, 27236, 27413, 27703, 27706, 27786, 29106, 29312, 29502, 29653, 29715, 30087, 30279, 30494, 30496, 30633, 30795, 30994, 31051, 31681, 31692, 31707, 31708, 31711, 31715, 31716, 31718, 31719, 31720, 31721, 31722 ); script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2008-007)"); script_summary(english:"Check for the presence of Security Update 2008-007"); script_set_attribute(attribute:"synopsis", value: "The remote host is missing a Mac OS X update that fixes various security issues." ); script_set_attribute(attribute:"description", value: "The remote host is running a version of Mac OS X 10.5 or 10.4 that does not have the security update 2008-007 applied. This security update contains fixes for the following products : - Apache - Certificates - ClamAV - ColorSync - CUPS - Finder - launchd - libxslt - MySQL Server - Networking - PHP - Postfix - PSNormalizer - QuickLook - rlogin - Script Editor - Single Sign-On - Tomcat - vim - Weblog" ); script_set_attribute(attribute:"see_also", value:"http://support.apple.com/kb/HT3216" ); script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" ); script_set_attribute(attribute:"solution", value: "Install Security Update 2008-007 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"d2_elliot_name", value:"Apache Tomcat File Disclosure"); script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'MySQL yaSSL SSL Hello Message Buffer Overflow'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'D2ExploitPack'); script_cwe_id(16, 20, 22, 79, 94, 119, 189, 200, 264, 352, 362, 399); script_set_attribute(attribute:"plugin_publication_date", value: "2008/10/10"); script_set_attribute(attribute:"vuln_publication_date", value: "2007/10/15"); script_set_attribute(attribute:"patch_publication_date", value: "2008/10/09"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"MacOS X Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/MacOSX/packages", "Host/uname"); exit(0); } uname = get_kb_item("Host/uname"); if (!uname) exit(0); if (egrep(pattern:"Darwin.* (8\.[0-9]\.|8\.1[01]\.)", string:uname)) { packages = get_kb_item("Host/MacOSX/packages"); if (!packages) exit(0); if (!egrep(pattern:"^SecUpd(Srvr)?(2008-00[78]|2009-|20[1-9][0-9]-)", string:packages)) security_hole(0); } else if (egrep(pattern:"Darwin.* (9\.[0-5]\.)", string:uname)) { packages = get_kb_item("Host/MacOSX/packages/boms"); if (!packages) exit(0); if (!egrep(pattern:"^com\.apple\.pkg\.update\.security\.2008\.007\.bom", string:packages)) security_hole(0); }
NASL family SuSE Local Security Checks NASL id SUSE9_12236.NASL description This version update of clamav to 0.94 fixes numerous problems, including the following security issues : - Fix possible invalid memory access. (CVE-2008-1389) - Fix out-of-memory null dereference. (CVE-2008-3912) - Fix error path memory leaks and file descriptor leaks. (CVE-2008-3913, CVE-2008-3914) last seen 2020-06-01 modified 2020-06-02 plugin id 41239 published 2009-09-24 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/41239 title SuSE9 Security Update : clamav (YOU Patch Number 12236) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # include("compat.inc"); if (description) { script_id(41239); script_version("1.9"); script_cvs_date("Date: 2019/10/25 13:36:31"); script_cve_id("CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914"); script_name(english:"SuSE9 Security Update : clamav (YOU Patch Number 12236)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 9 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This version update of clamav to 0.94 fixes numerous problems, including the following security issues : - Fix possible invalid memory access. (CVE-2008-1389) - Fix out-of-memory null dereference. (CVE-2008-3912) - Fix error path memory leaks and file descriptor leaks. (CVE-2008-3913, CVE-2008-3914)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-1389.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-3912.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-3913.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-3914.html" ); script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12236."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_cwe_id(200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2008/09/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SUSE9", reference:"clamav-0.94-0.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family SuSE Local Security Checks NASL id SUSE_CLAMAV-5579.NASL description This version update to 0.94 fixes numerous problems including some security relevant ones. (CVE-2008-3912 / CVE-2008-1389 / CVE-2008-3913 / CVE-2008-3914) last seen 2020-06-01 modified 2020-06-02 plugin id 34167 published 2008-09-11 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34167 title SuSE 10 Security Update : clamav (ZYPP Patch Number 5579) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The text description of this plugin is (C) Novell, Inc. # if (NASL_LEVEL < 3000) exit(0); include("compat.inc"); if (description) { script_id(34167); script_version ("1.17"); script_cvs_date("Date: 2019/10/25 13:36:32"); script_cve_id("CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914"); script_name(english:"SuSE 10 Security Update : clamav (ZYPP Patch Number 5579)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote SuSE 10 host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "This version update to 0.94 fixes numerous problems including some security relevant ones. (CVE-2008-3912 / CVE-2008-1389 / CVE-2008-3913 / CVE-2008-3914)" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-1389.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-3912.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-3913.html" ); script_set_attribute( attribute:"see_also", value:"http://support.novell.com/security/cve/CVE-2008-3914.html" ); script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 5579."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_cwe_id(200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux"); script_set_attribute(attribute:"patch_publication_date", value:"2008/09/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/09/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled."); if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE."); if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages."); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) exit(1, "Failed to determine the architecture type."); if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented."); flag = 0; if (rpm_check(release:"SLED10", sp:2, reference:"clamav-0.94-0.1")) flag++; if (rpm_check(release:"SLES10", sp:1, reference:"clamav-0.94-0.1")) flag++; if (rpm_check(release:"SLES10", sp:2, reference:"clamav-0.94-0.1")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else exit(0, "The host is not affected.");
NASL family SuSE Local Security Checks NASL id SUSE_CLAMAV-5578.NASL description This version update to 0.94 fixes numerous problems including some security relevant ones (CVE-2008-3912, CVE-2008-1389, CVE-2008-3913, CVE-2008-3914). last seen 2020-06-01 modified 2020-06-02 plugin id 34166 published 2008-09-11 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34166 title openSUSE 10 Security Update : clamav (clamav-5578) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update clamav-5578. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(34166); script_version ("1.11"); script_cvs_date("Date: 2019/10/25 13:36:32"); script_cve_id("CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914"); script_name(english:"openSUSE 10 Security Update : clamav (clamav-5578)"); script_summary(english:"Check for the clamav-5578 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This version update to 0.94 fixes numerous problems including some security relevant ones (CVE-2008-3912, CVE-2008-1389, CVE-2008-3913, CVE-2008-3914)." ); script_set_attribute( attribute:"solution", value:"Update the affected clamav packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_cwe_id(200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav-db"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.2"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3"); script_set_attribute(attribute:"patch_publication_date", value:"2008/09/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/09/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE10\.2|SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.2 / 10.3", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE10.2", reference:"clamav-0.94-0.1") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"clamav-db-0.94-0.1") ) flag++; if ( rpm_check(release:"SUSE10.3", reference:"clamav-0.94-0.1") ) flag++; if ( rpm_check(release:"SUSE10.3", reference:"clamav-db-0.94-0.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav / clamav-db"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_0_CLAMAV-080905.NASL description This version update to 0.94 fixes numerous problems including some security relevant ones (CVE-2008-3912, CVE-2008-1389, CVE-2008-3913, CVE-2008-3914). last seen 2020-06-01 modified 2020-06-02 plugin id 39931 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/39931 title openSUSE Security Update : clamav (clamav-181) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update clamav-181. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(39931); script_version("1.12"); script_cvs_date("Date: 2019/10/25 13:36:31"); script_cve_id("CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914"); script_name(english:"openSUSE Security Update : clamav (clamav-181)"); script_summary(english:"Check for the clamav-181 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This version update to 0.94 fixes numerous problems including some security relevant ones (CVE-2008-3912, CVE-2008-1389, CVE-2008-3913, CVE-2008-3914)." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=422317" ); script_set_attribute( attribute:"solution", value:"Update the affected clamav packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_cwe_id(200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav-db"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0"); script_set_attribute(attribute:"patch_publication_date", value:"2008/09/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.0", reference:"clamav-0.94-0.1") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"clamav-db-0.94-0.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav / clamav-db"); }
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-1660.NASL description Several denial-of-service vulnerabilities have been discovered in the ClamAV anti-virus toolkit : Insufficient checking for out-of-memory conditions results in NULL pointer dereferences (CVE-2008-3912 ). Incorrect error handling logic leads to memory leaks (CVE-2008-3913 ) and file descriptor leaks (CVE-2008-3914 ). last seen 2020-06-01 modified 2020-06-02 plugin id 34500 published 2008-10-27 reporter This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/34500 title Debian DSA-1660-1 : clamav - NULL pointer dereference, resource exhaustion code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-1660. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(34500); script_version("1.16"); script_cvs_date("Date: 2019/08/02 13:32:21"); script_cve_id("CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914"); script_bugtraq_id(31051); script_xref(name:"DSA", value:"1660"); script_name(english:"Debian DSA-1660-1 : clamav - NULL pointer dereference, resource exhaustion"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "Several denial-of-service vulnerabilities have been discovered in the ClamAV anti-virus toolkit : Insufficient checking for out-of-memory conditions results in NULL pointer dereferences (CVE-2008-3912 ). Incorrect error handling logic leads to memory leaks (CVE-2008-3913 ) and file descriptor leaks (CVE-2008-3914 )." ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-3912" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-3913" ); script_set_attribute( attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2008-3914" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2008/dsa-1660" ); script_set_attribute( attribute:"solution", value: "Upgrade the clamav package. For the stable distribution (etch), these problems have been fixed in version 0.90.1dfsg-4etch15." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:clamav"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0"); script_set_attribute(attribute:"patch_publication_date", value:"2008/10/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/10/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"4.0", prefix:"clamav", reference:"0.90.1dfsg-4etch15")) flag++; if (deb_check(release:"4.0", prefix:"clamav-base", reference:"0.90.1dfsg-4etch15")) flag++; if (deb_check(release:"4.0", prefix:"clamav-daemon", reference:"0.90.1dfsg-4etch15")) flag++; if (deb_check(release:"4.0", prefix:"clamav-dbg", reference:"0.90.1dfsg-4etch15")) flag++; if (deb_check(release:"4.0", prefix:"clamav-docs", reference:"0.90.1dfsg-4etch15")) flag++; if (deb_check(release:"4.0", prefix:"clamav-freshclam", reference:"0.90.1dfsg-4etch15")) flag++; if (deb_check(release:"4.0", prefix:"clamav-milter", reference:"0.90.1dfsg-4etch15")) flag++; if (deb_check(release:"4.0", prefix:"clamav-testfiles", reference:"0.90.1dfsg-4etch15")) flag++; if (deb_check(release:"4.0", prefix:"libclamav-dev", reference:"0.90.1dfsg-4etch15")) flag++; if (deb_check(release:"4.0", prefix:"libclamav2", reference:"0.90.1dfsg-4etch15")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Fedora Local Security Checks NASL id FEDORA_2008-9651.NASL description Security fixes from upstream 0.94 and 0.94.1: CVE-2008-3912 (#461461): Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory leak in the error code path in freshclam CVE-2008-3914 (#461461): File descriptor leak on the error code path CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 34775 published 2008-11-16 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34775 title Fedora 8 : clamav-0.92.1-4.fc8 (2008-9651) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2008-9651. # include("compat.inc"); if (description) { script_id(34775); script_version ("1.16"); script_cvs_date("Date: 2019/08/02 13:32:28"); script_cve_id("CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914", "CVE-2008-5050"); script_bugtraq_id(31051, 32207); script_xref(name:"FEDORA", value:"2008-9651"); script_name(english:"Fedora 8 : clamav-0.92.1-4.fc8 (2008-9651)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Security fixes from upstream 0.94 and 0.94.1: CVE-2008-3912 (#461461): Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory leak in the error code path in freshclam CVE-2008-3914 (#461461): File descriptor leak on the error code path CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=461461" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=470783" ); # https://lists.fedoraproject.org/pipermail/package-announce/2008-November/016215.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?732943be" ); script_set_attribute( attribute:"solution", value:"Update the affected clamav package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_cwe_id(119, 200, 399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:clamav"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:8"); script_set_attribute(attribute:"patch_publication_date", value:"2008/11/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2008/11/16"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 8.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC8", reference:"clamav-0.92.1-4.fc8")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav"); }
NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2008-189.NASL description Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.94 release, including : A vulnerability in ClamAV last seen 2020-06-01 modified 2020-06-02 plugin id 38032 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/38032 title Mandriva Linux Security Advisory : clamav (MDVSA-2008:189-1) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200809-18.NASL description The remote host is affected by the vulnerability described in GLSA-200809-18 (ClamAV: Multiple Denials of Service) Hanno boeck reported an error in libclamav/chmunpack.c when processing CHM files (CVE-2008-1389). Other unspecified vulnerabilities were also reported, including a NULL pointer dereference in libclamav (CVE-2008-3912), memory leaks in freshclam/manager.c (CVE-2008-3913), and file descriptor leaks in libclamav/others.c and libclamav/sis.c (CVE-2008-3914). Impact : A remote attacker could entice a user or automated system to scan a specially crafted CHM, possibly resulting in a Denial of Service (daemon crash). The other attack vectors mentioned above could also result in a Denial of Service. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 34299 published 2008-09-26 reporter This script is Copyright (C) 2008-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/34299 title GLSA-200809-18 : ClamAV: Multiple Denials of Service
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 31051 CVE ID:CVE-2008-3914 CVE-2008-3913 CVE-2008-3912 CNCVE ID:CNCVE-20083914 CNCVE-20083913 CNCVE-20083912 ClamAV是一款反病毒应用程序。 ClamAV存在多个未明内存破坏问题,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击,或可能导致敏感信息泄漏或执行任意代码。 目前没有详细漏洞细节提供。 Pardus Linux 2008 0 Pardus Linux 2007 0 ifenslave ifenslave 0.88 Clam Anti-Virus ClamAV 0.93.1 Clam Anti-Virus ClamAV 0.92.1 Clam Anti-Virus ClamAV 0.91.2 Clam Anti-Virus ClamAV 0.91.1 Clam Anti-Virus ClamAV 0.90.3 Clam Anti-Virus ClamAV 0.90.2 Clam Anti-Virus ClamAV 0.90.1 + Debian Linux 4.0 sparc + Debian Linux 4.0 s/390 + Debian Linux 4.0 powerpc + Debian Linux 4.0 mipsel + Debian Linux 4.0 mips + Debian Linux 4.0 m68k + Debian Linux 4.0 ia-64 + Debian Linux 4.0 ia-32 + Debian Linux 4.0 hppa + Debian Linux 4.0 arm + Debian Linux 4.0 amd64 + Debian Linux 4.0 alpha + Debian Linux 4.0 Clam Anti-Virus ClamAV 0.90 - MandrakeSoft Corporate Server 4.0 x86_64 - MandrakeSoft Corporate Server 3.0 x86_64 - MandrakeSoft Corporate Server 3.0 - MandrakeSoft Corporate Server 4.0 - MandrakeSoft Linux Mandrake 2007.1 x86_64 - MandrakeSoft Linux Mandrake 2007.1 - MandrakeSoft Linux Mandrake 2007.0 x86_64 - MandrakeSoft Linux Mandrake 2007.0 Clam Anti-Virus ClamAV 0.88.5 Clam Anti-Virus ClamAV 0.88.4 Clam Anti-Virus ClamAV 0.88.3 Clam Anti-Virus ClamAV 0.88.2 Clam Anti-Virus ClamAV 0.88.1 Clam Anti-Virus ClamAV 0.87.1 Clam Anti-Virus ClamAV 0.87 -1 Clam Anti-Virus ClamAV 0.87 Clam Anti-Virus ClamAV 0.86.2 Clam Anti-Virus ClamAV 0.86 .1 Clam Anti-Virus ClamAV 0.86 Clam Anti-Virus ClamAV 0.85.1 Clam Anti-Virus ClamAV 0.85 Clam Anti-Virus ClamAV 0.84 rc2 Clam Anti-Virus ClamAV 0.84 rc1 Clam Anti-Virus ClamAV 0.84 + Debian Linux 3.1 sparc + Debian Linux 3.1 s/390 + Debian Linux 3.1 ppc + Debian Linux 3.1 mipsel + Debian Linux 3.1 mips + Debian Linux 3.1 m68k + Debian Linux 3.1 ia-64 + Debian Linux 3.1 ia-32 + Debian Linux 3.1 hppa + Debian Linux 3.1 arm + Debian Linux 3.1 alpha + Debian Linux 3.1 Clam Anti-Virus ClamAV 0.83 Clam Anti-Virus ClamAV 0.82 Clam Anti-Virus ClamAV 0.81 + Gentoo Linux Clam Anti-Virus ClamAV 0.80 rc4 Clam Anti-Virus ClamAV 0.80 rc3 Clam Anti-Virus ClamAV 0.80 rc2 Clam Anti-Virus ClamAV 0.80 rc1 Clam Anti-Virus ClamAV 0.80 Clam Anti-Virus ClamAV 0.75.1 Clam Anti-Virus ClamAV 0.70 Clam Anti-Virus ClamAV 0.68 -1 Clam Anti-Virus ClamAV 0.68 Clam Anti-Virus ClamAV 0.67 + Gentoo Linux 1.4 _rc3 + Gentoo Linux 1.4 _rc2 + Gentoo Linux 1.4 _rc1 + Gentoo Linux 1.4 Clam Anti-Virus ClamAV 0.65 Clam Anti-Virus ClamAV 0.60 Clam Anti-Virus ClamAV 0.54 Clam Anti-Virus ClamAV 0.53 Clam Anti-Virus ClamAV 0.52 Clam Anti-Virus ClamAV 0.51 Clam Anti-Virus ClamAV 0.93 Clam Anti-Virus ClamAV 0.92 Clam Anti-Virus ClamAV 0.91 Clam Anti-Virus ClamAV 0.88.6 升级程序: Clam Anti-Virus ClamAV 0.88.6 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.91 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.93 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.92 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.51 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.52 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.53 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.54 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.60 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.65 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.67 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.68 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.68 -1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.70 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.75.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.80 rc4 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.80 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.80 rc3 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.80 rc1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.80 rc2 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.81 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.82 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.83 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.84 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.84 rc1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.84 rc2 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.85 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.85.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.86 .1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.86 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.86.2 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.87 -1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.87 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.87.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> ifenslave ifenslave 0.88 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.88.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.88.2 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.88.3 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.88.4 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.88.5 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.90 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.90.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.90.2 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.90.3 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.91.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.91.2 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.92.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.93.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> |
id | SSV:4013 |
last seen | 2017-11-19 |
modified | 2008-09-11 |
published | 2008-09-11 |
reporter | Root |
title | ClamAV多个未明内存破坏漏洞 |
References
- http://kolab.org/security/kolab-vendor-notice-22.txt
- http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
- http://secunia.com/advisories/31906
- http://secunia.com/advisories/31982
- http://secunia.com/advisories/32030
- http://secunia.com/advisories/32222
- http://secunia.com/advisories/32424
- http://secunia.com/advisories/32699
- http://security.gentoo.org/glsa/glsa-200809-18.xml
- http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=623661
- http://support.apple.com/kb/HT3216
- http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog
- http://www.debian.org/security/2008/dsa-1660
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:189
- http://www.openwall.com/lists/oss-security/2008/09/03/2
- http://www.openwall.com/lists/oss-security/2008/09/04/13
- http://www.securityfocus.com/bid/31051
- http://www.securityfocus.com/bid/31681
- http://www.securitytracker.com/id?1020828
- http://www.vupen.com/english/advisories/2008/2564
- http://www.vupen.com/english/advisories/2008/2780
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45058
- https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00332.html
- https://www.redhat.com/archives/fedora-package-announce/2008-November/msg00348.html
- https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1141