Vulnerabilities > CVE-2008-3914 - Information Exposure vulnerability in Clamav

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
clamav
CWE-200
critical
nessus

Summary

Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.

Vulnerable Configurations

Part Description Count
Application
Clamav
115

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Subverting Environment Variable Values
    The attacker directly or indirectly modifies environment variables used by or controlling the target software. The attacker's goal is to cause the target software to deviate from its expected operation in a manner that benefits the attacker.
  • Footprinting
    An attacker engages in probing and exploration activity to identify constituents and properties of the target. Footprinting is a general term to describe a variety of information gathering techniques, often used by attackers in preparation for some attack. It consists of using tools to learn as much as possible about the composition, configuration, and security mechanisms of the targeted application, system or network. Information that might be collected during a footprinting effort could include open ports, applications and their versions, network topology, and similar information. While footprinting is not intended to be damaging (although certain activities, such as network scans, can sometimes cause disruptions to vulnerable applications inadvertently) it may often pave the way for more damaging attacks.
  • Exploiting Trust in Client (aka Make the Client Invisible)
    An attack of this type exploits a programs' vulnerabilities in client/server communication channel authentication and data integrity. It leverages the implicit trust a server places in the client, or more importantly, that which the server believes is the client. An attacker executes this type of attack by placing themselves in the communication channel between client and server such that communication directly to the server is possible where the server believes it is communicating only with a valid client. There are numerous variations of this type of attack.
  • Browser Fingerprinting
    An attacker carefully crafts small snippets of Java Script to efficiently detect the type of browser the potential victim is using. Many web-based attacks need prior knowledge of the web browser including the version of browser to ensure successful exploitation of a vulnerability. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero day weaknesses in the type and version of the browser used by the victim. Automating this process via Java Script as a part of the same delivery system used to exploit the browser is considered more efficient as the attacker can supply a browser fingerprinting method and integrate it with exploit code, all contained in Java Script and in response to the same web page request by the browser.
  • Session Credential Falsification through Prediction
    This attack targets predictable session ID in order to gain privileges. The attacker can predict the session ID used during a transaction to perform spoofing and session hijacking.

Nessus

  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-9644.NASL
    descriptionSecurity fixes from upstream 0.94 and 0.94.1: CVE-2008-1389 (#461461): Invalid memory access in the CHM unpacker CVE-2008-3912 (#461461): Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory leak in the error code path in freshclam CVE-2008-3914 (#461461): Multiple file descriptor leaks on the error code path CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id34774
    published2008-11-16
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34774
    titleFedora 9 : clamav-0.93.3-2.fc9 (2008-9644)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2008-9644.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(34774);
      script_version ("1.16");
      script_cvs_date("Date: 2019/08/02 13:32:28");
    
      script_cve_id("CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914", "CVE-2008-5050");
      script_bugtraq_id(30994, 31051, 32207);
      script_xref(name:"FEDORA", value:"2008-9644");
    
      script_name(english:"Fedora 9 : clamav-0.93.3-2.fc9 (2008-9644)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security fixes from upstream 0.94 and 0.94.1: CVE-2008-1389 (#461461):
    Invalid memory access in the CHM unpacker CVE-2008-3912 (#461461):
    Multiple out-of-memory NULL pointer dereferences CVE-2008-3913
    (#461461): Fix memory leak in the error code path in freshclam
    CVE-2008-3914 (#461461): Multiple file descriptor leaks on the error
    code path CVE-2008-5050 (#470783): get_unicode_name() off-by-one
    buffer overflow
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=461461"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=470783"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2008-November/016199.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?150bf4e7"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected clamav package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(119, 200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:clamav");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:9");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/11/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/11/16");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^9([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 9.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC9", reference:"clamav-0.93.3-2.fc9")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav");
    }
    
  • NASL familyGain a shell remotely
    NASL idCLAMAV_0_94.NASL
    descriptionAccording to its version, the clamd antivirus daemon on the remote host is earlier than 0.94. Such versions are affected by one or more of the following issues : - A segmentation fault can occur when processing corrupted LZH files. (Bug #1052) - Invalid memory access errors in
    last seen2020-06-01
    modified2020-06-02
    plugin id35087
    published2008-12-11
    reporterThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35087
    titleClamAV < 0.94 Multiple Vulnerabilities
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(35087);
      script_version("1.19");
      script_cvs_date("Date: 2018/11/15 20:50:22");
    
      script_cve_id(
        "CVE-2008-1389",
        "CVE-2008-3912",
        "CVE-2008-3913",
        "CVE-2008-3914",
        "CVE-2008-6845"
      );
      script_bugtraq_id(30994, 31051, 32752);
    
      script_name(english:"ClamAV < 0.94 Multiple Vulnerabilities");
      script_summary(english:"Sends a VERSION command to clamd");
    
      script_set_attribute(attribute:"synopsis", value:"The remote antivirus service is affected by multiple issues.");
      script_set_attribute(attribute:"description", value:
    "According to its version, the clamd antivirus daemon on the remote
    host is earlier than 0.94. Such versions are affected by one or more
    of the following issues :
    
      - A segmentation fault can occur when processing corrupted
        LZH files. (Bug #1052)
    
      - Invalid memory access errors in 'libclamav/chmunpack.c'
        when processing malformed CHM files may lead to a
        crash. (Bug #1089)
    
      - An out-of-memory null dereference issue exists in
        'libclamav/message.c' / 'libclamav/mbox.c'. (Bug #1141)
    
      - Possible error path memory leaks exist in
        'freshclam/manager.c'. (Bug #1141)
    
      - There is an invalid close on error path in
        'shared/tar.c'. (Bug #1141)
    
      - There are multiple file descriptor leaks involving the
        'error path' in 'libclamav/others.c' and
        'libclamav/sis.c'. (Bug #1141)");
      script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2008/Sep/56");
      script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2008/Dec/110");
      script_set_attribute(attribute:"see_also", value:"https://www.openwall.com/lists/oss-security/2008/09/03/2");
      script_set_attribute(attribute:"see_also", value:"https://www.openwall.com/lists/oss-security/2008/09/04/13");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.clamav.net/show_bug.cgi?id=1052");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.clamav.net/show_bug.cgi?id=1089");
      # http://web.archive.org/web/20080723153709/http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?91209430");
      # http://web.archive.org/web/20080917045035/http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=623661
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b818ae81");
      script_set_attribute(attribute:"solution", value:"Upgrade to ClamAV 0.94 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(200, 399);
    
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/12/11");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:clamav:clamav");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Gain a shell remotely");
    
      script_copyright(english:"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.");
    
      script_dependencies("find_service2.nasl");
      script_require_keys("Settings/ParanoidReport");
      script_require_ports("Services/clamd", 3310);
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    
    
    # nb: banner checks of open source software are prone to false-
    #     positives so only run the check if reporting is paranoid.
    if (report_paranoia < 2) audit(AUDIT_PARANOID);
    
    
    port = get_kb_item("Services/clamd");
    if (!port) port = 3310;
    if (!get_port_state(port)) exit(0);
    
    
    # Establish a connection.
    soc = open_sock_tcp(port);
    if (!soc) exit(0);
    
    
    # Send a VERSION command.
    req = "VERSION";
    send(socket:soc, data:req+'\r\n');
    
    res = recv_line(socket:soc, length:128);
    if (!strlen(res) || "ClamAV " >!< res) exit(0);
    
    
    # Check the version.
    version = strstr(res, "ClamAV ") - "ClamAV ";
    if ("/" >< version) version = version - strstr(version, "/");
    
    if (version =~ "^0\.(([0-9]|[0-8][0-9]|9[0-3])($|[^0-9])|94rc)")
    {
      if (report_verbosity)
      {
        report = string(
          "\n",
          "ClamAV version ", version, " appears to be running on the remote host based on\n",
          "the following response to a 'VERSION' command :\n",
          "\n",
          "  ", res, "\n"
        );
        security_hole(port:port, extra:report);
      }
      else security_hole(port);
    }
    
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2008-007.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5 or 10.4 that does not have the security update 2008-007 applied. This security update contains fixes for the following products : - Apache - Certificates - ClamAV - ColorSync - CUPS - Finder - launchd - libxslt - MySQL Server - Networking - PHP - Postfix - PSNormalizer - QuickLook - rlogin - Script Editor - Single Sign-On - Tomcat - vim - Weblog
    last seen2020-06-01
    modified2020-06-02
    plugin id34374
    published2008-10-10
    reporterThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34374
    titleMac OS X Multiple Vulnerabilities (Security Update 2008-007)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    if (!defined_func("bn_random")) exit(0);
    if (NASL_LEVEL < 3004) exit(0);
    
    
    
    include("compat.inc");
    
    if (description)
    {
      script_id(34374);
      script_version("1.31");
      script_cvs_date("Date: 2018/07/14  1:59:35");
    
      script_cve_id(
        "CVE-2007-2691",
        "CVE-2007-4850",
        "CVE-2007-5333",
        "CVE-2007-5342",
        "CVE-2007-5461",
        "CVE-2007-5969",
        "CVE-2007-6286",
        "CVE-2007-6420",
        "CVE-2008-0002",
        "CVE-2008-0226",
        "CVE-2008-0227",
        "CVE-2008-0674",
        "CVE-2008-1232",
        "CVE-2008-1389",
        "CVE-2008-1678",
        "CVE-2008-1767",
        "CVE-2008-1947",
        "CVE-2008-2079",
        "CVE-2008-2364",
        "CVE-2008-2370",
        "CVE-2008-2371",
        "CVE-2008-2712",
        "CVE-2008-2938",
        "CVE-2008-3294",
        "CVE-2008-3432",
        "CVE-2008-3641",
        "CVE-2008-3642",
        "CVE-2008-3643",
        "CVE-2008-3645",
        "CVE-2008-3646",
        "CVE-2008-3647",
        "CVE-2008-3912",
        "CVE-2008-3913",
        "CVE-2008-3914",
        "CVE-2008-4101",
        "CVE-2008-4211",
        "CVE-2008-4212",
        "CVE-2008-4214",
        "CVE-2008-4215"
      );
      script_bugtraq_id(
        24016,
        26070,
        26765,
        27006,
        27140,
        27236,
        27413,
        27703,
        27706,
        27786,
        29106,
        29312,
        29502,
        29653,
        29715,
        30087,
        30279,
        30494,
        30496,
        30633,
        30795,
        30994,
        31051,
        31681,
        31692,
        31707,
        31708,
        31711,
        31715,
        31716,
        31718,
        31719,
        31720,
        31721,
        31722
      );
    
      script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2008-007)");
      script_summary(english:"Check for the presence of Security Update 2008-007");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote host is missing a Mac OS X update that fixes various
    security issues." );
      script_set_attribute(attribute:"description", value:
    "The remote host is running a version of Mac OS X 10.5 or 10.4 that
    does not have the security update 2008-007 applied. 
    
    This security update contains fixes for the following products :
    
      - Apache
      - Certificates
      - ClamAV
      - ColorSync
      - CUPS
      - Finder
      - launchd
      - libxslt
      - MySQL Server
      - Networking
      - PHP
      - Postfix
      - PSNormalizer
      - QuickLook
      - rlogin
      - Script Editor
      - Single Sign-On
      - Tomcat
      - vim
      - Weblog" );
      script_set_attribute(attribute:"see_also", value:"http://support.apple.com/kb/HT3216" );
      script_set_attribute(attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html" );
      script_set_attribute(attribute:"solution", value:
    "Install Security Update 2008-007 or later." );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"d2_elliot_name", value:"Apache Tomcat File Disclosure");
      script_set_attribute(attribute:"exploit_framework_d2_elliot", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'MySQL yaSSL SSL Hello Message Buffer Overflow');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
      script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
      script_set_attribute(attribute:"canvas_package", value:'D2ExploitPack');
      script_cwe_id(16, 20, 22, 79, 94, 119, 189, 200, 264, 352, 362, 399);
    script_set_attribute(attribute:"plugin_publication_date", value: "2008/10/10");
      script_set_attribute(attribute:"vuln_publication_date", value: "2007/10/15");
      script_set_attribute(attribute:"patch_publication_date", value: "2008/10/09");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
      script_copyright(english:"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.");
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/MacOSX/packages", "Host/uname");
      exit(0);
    }
    
    
    uname = get_kb_item("Host/uname");
    if (!uname) exit(0);
    
    if (egrep(pattern:"Darwin.* (8\.[0-9]\.|8\.1[01]\.)", string:uname))
    {
      packages = get_kb_item("Host/MacOSX/packages");
      if (!packages) exit(0);
    
      if (!egrep(pattern:"^SecUpd(Srvr)?(2008-00[78]|2009-|20[1-9][0-9]-)", string:packages))
        security_hole(0);
    }
    else if (egrep(pattern:"Darwin.* (9\.[0-5]\.)", string:uname))
    {
      packages = get_kb_item("Host/MacOSX/packages/boms");
      if (!packages) exit(0);
    
      if (!egrep(pattern:"^com\.apple\.pkg\.update\.security\.2008\.007\.bom", string:packages))
        security_hole(0);
    }
    
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE9_12236.NASL
    descriptionThis version update of clamav to 0.94 fixes numerous problems, including the following security issues : - Fix possible invalid memory access. (CVE-2008-1389) - Fix out-of-memory null dereference. (CVE-2008-3912) - Fix error path memory leaks and file descriptor leaks. (CVE-2008-3913, CVE-2008-3914)
    last seen2020-06-01
    modified2020-06-02
    plugin id41239
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41239
    titleSuSE9 Security Update : clamav (YOU Patch Number 12236)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(41239);
      script_version("1.9");
      script_cvs_date("Date: 2019/10/25 13:36:31");
    
      script_cve_id("CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914");
    
      script_name(english:"SuSE9 Security Update : clamav (YOU Patch Number 12236)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 9 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This version update of clamav to 0.94 fixes numerous problems,
    including the following security issues :
    
      - Fix possible invalid memory access. (CVE-2008-1389)
    
      - Fix out-of-memory null dereference. (CVE-2008-3912)
    
      - Fix error path memory leaks and file descriptor leaks.
        (CVE-2008-3913, CVE-2008-3914)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-1389.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-3912.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-3913.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-3914.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12236.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/09/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SUSE9", reference:"clamav-0.94-0.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_CLAMAV-5579.NASL
    descriptionThis version update to 0.94 fixes numerous problems including some security relevant ones. (CVE-2008-3912 / CVE-2008-1389 / CVE-2008-3913 / CVE-2008-3914)
    last seen2020-06-01
    modified2020-06-02
    plugin id34167
    published2008-09-11
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34167
    titleSuSE 10 Security Update : clamav (ZYPP Patch Number 5579)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    if (NASL_LEVEL < 3000) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(34167);
      script_version ("1.17");
      script_cvs_date("Date: 2019/10/25 13:36:32");
    
      script_cve_id("CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914");
    
      script_name(english:"SuSE 10 Security Update : clamav (ZYPP Patch Number 5579)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 10 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This version update to 0.94 fixes numerous problems including some
    security relevant ones. (CVE-2008-3912 / CVE-2008-1389 / CVE-2008-3913
    / CVE-2008-3914)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-1389.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-3912.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-3913.html"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-3914.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 5579.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/09/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/09/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SLED10", sp:2, reference:"clamav-0.94-0.1")) flag++;
    if (rpm_check(release:"SLES10", sp:1, reference:"clamav-0.94-0.1")) flag++;
    if (rpm_check(release:"SLES10", sp:2, reference:"clamav-0.94-0.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_CLAMAV-5578.NASL
    descriptionThis version update to 0.94 fixes numerous problems including some security relevant ones (CVE-2008-3912, CVE-2008-1389, CVE-2008-3913, CVE-2008-3914).
    last seen2020-06-01
    modified2020-06-02
    plugin id34166
    published2008-09-11
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34166
    titleopenSUSE 10 Security Update : clamav (clamav-5578)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update clamav-5578.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(34166);
      script_version ("1.11");
      script_cvs_date("Date: 2019/10/25 13:36:32");
    
      script_cve_id("CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914");
    
      script_name(english:"openSUSE 10 Security Update : clamav (clamav-5578)");
      script_summary(english:"Check for the clamav-5578 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This version update to 0.94 fixes numerous problems including some
    security relevant ones (CVE-2008-3912, CVE-2008-1389, CVE-2008-3913,
    CVE-2008-3914)."
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected clamav packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav-db");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.2");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.3");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/09/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/09/11");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE10\.2|SUSE10\.3)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.2 / 10.3", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE10.2", reference:"clamav-0.94-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.2", reference:"clamav-db-0.94-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"clamav-0.94-0.1") ) flag++;
    if ( rpm_check(release:"SUSE10.3", reference:"clamav-db-0.94-0.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav / clamav-db");
    }
    
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_CLAMAV-080905.NASL
    descriptionThis version update to 0.94 fixes numerous problems including some security relevant ones (CVE-2008-3912, CVE-2008-1389, CVE-2008-3913, CVE-2008-3914).
    last seen2020-06-01
    modified2020-06-02
    plugin id39931
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39931
    titleopenSUSE Security Update : clamav (clamav-181)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from openSUSE Security Update clamav-181.
    #
    # The text description of this plugin is (C) SUSE LLC.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(39931);
      script_version("1.12");
      script_cvs_date("Date: 2019/10/25 13:36:31");
    
      script_cve_id("CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914");
    
      script_name(english:"openSUSE Security Update : clamav (clamav-181)");
      script_summary(english:"Check for the clamav-181 patch");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote openSUSE host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This version update to 0.94 fixes numerous problems including some
    security relevant ones (CVE-2008-3912, CVE-2008-1389, CVE-2008-3913,
    CVE-2008-3914)."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.novell.com/show_bug.cgi?id=422317"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected clamav packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_cwe_id(200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav-db");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/09/05");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
    if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release);
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    ourarch = get_kb_item("Host/cpu");
    if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
    if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);
    
    flag = 0;
    
    if ( rpm_check(release:"SUSE11.0", reference:"clamav-0.94-0.1") ) flag++;
    if ( rpm_check(release:"SUSE11.0", reference:"clamav-db-0.94-0.1") ) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav / clamav-db");
    }
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1660.NASL
    descriptionSeveral denial-of-service vulnerabilities have been discovered in the ClamAV anti-virus toolkit : Insufficient checking for out-of-memory conditions results in NULL pointer dereferences (CVE-2008-3912 ). Incorrect error handling logic leads to memory leaks (CVE-2008-3913 ) and file descriptor leaks (CVE-2008-3914 ).
    last seen2020-06-01
    modified2020-06-02
    plugin id34500
    published2008-10-27
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/34500
    titleDebian DSA-1660-1 : clamav - NULL pointer dereference, resource exhaustion
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-1660. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(34500);
      script_version("1.16");
      script_cvs_date("Date: 2019/08/02 13:32:21");
    
      script_cve_id("CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914");
      script_bugtraq_id(31051);
      script_xref(name:"DSA", value:"1660");
    
      script_name(english:"Debian DSA-1660-1 : clamav - NULL pointer dereference, resource exhaustion");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Several denial-of-service vulnerabilities have been discovered in the
    ClamAV anti-virus toolkit :
    
    Insufficient checking for out-of-memory conditions results in NULL
    pointer dereferences (CVE-2008-3912 ).
    
    Incorrect error handling logic leads to memory leaks (CVE-2008-3913 )
    and file descriptor leaks (CVE-2008-3914 )."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-3912"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-3913"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-3914"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2008/dsa-1660"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the clamav package.
    
    For the stable distribution (etch), these problems have been fixed in
    version 0.90.1dfsg-4etch15."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:clamav");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/10/26");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/10/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"4.0", prefix:"clamav", reference:"0.90.1dfsg-4etch15")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-base", reference:"0.90.1dfsg-4etch15")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-daemon", reference:"0.90.1dfsg-4etch15")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-dbg", reference:"0.90.1dfsg-4etch15")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-docs", reference:"0.90.1dfsg-4etch15")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-freshclam", reference:"0.90.1dfsg-4etch15")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-milter", reference:"0.90.1dfsg-4etch15")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-testfiles", reference:"0.90.1dfsg-4etch15")) flag++;
    if (deb_check(release:"4.0", prefix:"libclamav-dev", reference:"0.90.1dfsg-4etch15")) flag++;
    if (deb_check(release:"4.0", prefix:"libclamav2", reference:"0.90.1dfsg-4etch15")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2008-9651.NASL
    descriptionSecurity fixes from upstream 0.94 and 0.94.1: CVE-2008-3912 (#461461): Multiple out-of-memory NULL pointer dereferences CVE-2008-3913 (#461461): Fix memory leak in the error code path in freshclam CVE-2008-3914 (#461461): File descriptor leak on the error code path CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id34775
    published2008-11-16
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34775
    titleFedora 8 : clamav-0.92.1-4.fc8 (2008-9651)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2008-9651.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(34775);
      script_version ("1.16");
      script_cvs_date("Date: 2019/08/02 13:32:28");
    
      script_cve_id("CVE-2008-1389", "CVE-2008-3912", "CVE-2008-3913", "CVE-2008-3914", "CVE-2008-5050");
      script_bugtraq_id(31051, 32207);
      script_xref(name:"FEDORA", value:"2008-9651");
    
      script_name(english:"Fedora 8 : clamav-0.92.1-4.fc8 (2008-9651)");
      script_summary(english:"Checks rpm output for the updated package.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security fixes from upstream 0.94 and 0.94.1: CVE-2008-3912 (#461461):
    Multiple out-of-memory NULL pointer dereferences CVE-2008-3913
    (#461461): Fix memory leak in the error code path in freshclam
    CVE-2008-3914 (#461461): File descriptor leak on the error code path
    CVE-2008-5050 (#470783): get_unicode_name() off-by-one buffer overflow
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=461461"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=470783"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2008-November/016215.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?732943be"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected clamav package."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(119, 200, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:clamav");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:8");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/11/14");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/11/16");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 8.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC8", reference:"clamav-0.92.1-4.fc8")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav");
    }
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2008-189.NASL
    descriptionMultiple vulnerabilities were discovered in ClamAV and corrected with the 0.94 release, including : A vulnerability in ClamAV
    last seen2020-06-01
    modified2020-06-02
    plugin id38032
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/38032
    titleMandriva Linux Security Advisory : clamav (MDVSA-2008:189-1)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200809-18.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200809-18 (ClamAV: Multiple Denials of Service) Hanno boeck reported an error in libclamav/chmunpack.c when processing CHM files (CVE-2008-1389). Other unspecified vulnerabilities were also reported, including a NULL pointer dereference in libclamav (CVE-2008-3912), memory leaks in freshclam/manager.c (CVE-2008-3913), and file descriptor leaks in libclamav/others.c and libclamav/sis.c (CVE-2008-3914). Impact : A remote attacker could entice a user or automated system to scan a specially crafted CHM, possibly resulting in a Denial of Service (daemon crash). The other attack vectors mentioned above could also result in a Denial of Service. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id34299
    published2008-09-26
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/34299
    titleGLSA-200809-18 : ClamAV: Multiple Denials of Service

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 31051 CVE ID:CVE-2008-3914 CVE-2008-3913 CVE-2008-3912 CNCVE ID:CNCVE-20083914 CNCVE-20083913 CNCVE-20083912 ClamAV是一款反病毒应用程序。 ClamAV存在多个未明内存破坏问题,远程攻击者可以利用漏洞对应用程序进行拒绝服务攻击,或可能导致敏感信息泄漏或执行任意代码。 目前没有详细漏洞细节提供。 Pardus Linux 2008 0 Pardus Linux 2007 0 ifenslave ifenslave 0.88 Clam Anti-Virus ClamAV 0.93.1 Clam Anti-Virus ClamAV 0.92.1 Clam Anti-Virus ClamAV 0.91.2 Clam Anti-Virus ClamAV 0.91.1 Clam Anti-Virus ClamAV 0.90.3 Clam Anti-Virus ClamAV 0.90.2 Clam Anti-Virus ClamAV 0.90.1 + Debian Linux 4.0 sparc + Debian Linux 4.0 s/390 + Debian Linux 4.0 powerpc + Debian Linux 4.0 mipsel + Debian Linux 4.0 mips + Debian Linux 4.0 m68k + Debian Linux 4.0 ia-64 + Debian Linux 4.0 ia-32 + Debian Linux 4.0 hppa + Debian Linux 4.0 arm + Debian Linux 4.0 amd64 + Debian Linux 4.0 alpha + Debian Linux 4.0 Clam Anti-Virus ClamAV 0.90 - MandrakeSoft Corporate Server 4.0 x86_64 - MandrakeSoft Corporate Server 3.0 x86_64 - MandrakeSoft Corporate Server 3.0 - MandrakeSoft Corporate Server 4.0 - MandrakeSoft Linux Mandrake 2007.1 x86_64 - MandrakeSoft Linux Mandrake 2007.1 - MandrakeSoft Linux Mandrake 2007.0 x86_64 - MandrakeSoft Linux Mandrake 2007.0 Clam Anti-Virus ClamAV 0.88.5 Clam Anti-Virus ClamAV 0.88.4 Clam Anti-Virus ClamAV 0.88.3 Clam Anti-Virus ClamAV 0.88.2 Clam Anti-Virus ClamAV 0.88.1 Clam Anti-Virus ClamAV 0.87.1 Clam Anti-Virus ClamAV 0.87 -1 Clam Anti-Virus ClamAV 0.87 Clam Anti-Virus ClamAV 0.86.2 Clam Anti-Virus ClamAV 0.86 .1 Clam Anti-Virus ClamAV 0.86 Clam Anti-Virus ClamAV 0.85.1 Clam Anti-Virus ClamAV 0.85 Clam Anti-Virus ClamAV 0.84 rc2 Clam Anti-Virus ClamAV 0.84 rc1 Clam Anti-Virus ClamAV 0.84 + Debian Linux 3.1 sparc + Debian Linux 3.1 s/390 + Debian Linux 3.1 ppc + Debian Linux 3.1 mipsel + Debian Linux 3.1 mips + Debian Linux 3.1 m68k + Debian Linux 3.1 ia-64 + Debian Linux 3.1 ia-32 + Debian Linux 3.1 hppa + Debian Linux 3.1 arm + Debian Linux 3.1 alpha + Debian Linux 3.1 Clam Anti-Virus ClamAV 0.83 Clam Anti-Virus ClamAV 0.82 Clam Anti-Virus ClamAV 0.81 + Gentoo Linux Clam Anti-Virus ClamAV 0.80 rc4 Clam Anti-Virus ClamAV 0.80 rc3 Clam Anti-Virus ClamAV 0.80 rc2 Clam Anti-Virus ClamAV 0.80 rc1 Clam Anti-Virus ClamAV 0.80 Clam Anti-Virus ClamAV 0.75.1 Clam Anti-Virus ClamAV 0.70 Clam Anti-Virus ClamAV 0.68 -1 Clam Anti-Virus ClamAV 0.68 Clam Anti-Virus ClamAV 0.67 + Gentoo Linux 1.4 _rc3 + Gentoo Linux 1.4 _rc2 + Gentoo Linux 1.4 _rc1 + Gentoo Linux 1.4 Clam Anti-Virus ClamAV 0.65 Clam Anti-Virus ClamAV 0.60 Clam Anti-Virus ClamAV 0.54 Clam Anti-Virus ClamAV 0.53 Clam Anti-Virus ClamAV 0.52 Clam Anti-Virus ClamAV 0.51 Clam Anti-Virus ClamAV 0.93 Clam Anti-Virus ClamAV 0.92 Clam Anti-Virus ClamAV 0.91 Clam Anti-Virus ClamAV 0.88.6 升级程序: Clam Anti-Virus ClamAV 0.88.6 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.91 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.93 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.92 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.51 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.52 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.53 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.54 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.60 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.65 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.67 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.68 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.68 -1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.70 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.75.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.80 rc4 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.80 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.80 rc3 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.80 rc1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.80 rc2 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.81 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.82 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.83 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.84 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.84 rc1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.84 rc2 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.85 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.85.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.86 .1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.86 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.86.2 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.87 -1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.87 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.87.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> ifenslave ifenslave 0.88 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.88.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.88.2 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.88.3 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.88.4 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.88.5 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.90 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.90.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.90.2 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.90.3 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.91.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.91.2 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.92.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a> Clam Anti-Virus ClamAV 0.93.1 Clam Anti-Virus clamav-0.94.tar.gz <a href=http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz target=_blank>http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz</a>
idSSV:4013
last seen2017-11-19
modified2008-09-11
published2008-09-11
reporterRoot
titleClamAV多个未明内存破坏漏洞