Vulnerabilities > CVE-2008-5314 - Resource Management Errors vulnerability in Clam Anti-Virus Clamav

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
clam-anti-virus
CWE-399
nessus
exploit available

Summary

Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionClamAV < 0.94.2 (JPEG Parsing) Recursive Stack Overflow PoC. CVE-2008-5314. Dos exploits for multiple platform
fileexploits/multiple/dos/7330.c
idEDB-ID:7330
last seen2016-02-01
modified2008-12-03
platformmultiple
port
published2008-12-03
reporterilja van sprundel
sourcehttps://www.exploit-db.com/download/7330/
titleClamAV < 0.94.2 JPEG Parsing Recursive Stack Overflow PoC
typedos

Nessus

  • NASL familySuSE Local Security Checks
    NASL idSUSE9_12318.NASL
    descriptionSpecially crafted jpg files could crash the clamd daemon of clamav. (CVE-2008-5314)
    last seen2020-06-01
    modified2020-06-02
    plugin id41262
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41262
    titleSuSE9 Security Update : ClamAV (YOU Patch Number 12318)
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The text description of this plugin is (C) Novell, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(41262);
      script_version("1.7");
      script_cvs_date("Date: 2019/10/25 13:36:31");
    
      script_cve_id("CVE-2008-5314");
    
      script_name(english:"SuSE9 Security Update : ClamAV (YOU Patch Number 12318)");
      script_summary(english:"Checks rpm output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SuSE 9 host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Specially crafted jpg files could crash the clamd daemon of clamav.
    (CVE-2008-5314)"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"http://support.novell.com/security/cve/CVE-2008-5314.html"
      );
      script_set_attribute(attribute:"solution", value:"Apply YOU patch number 12318.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/12/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/09/24");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2009-2019 Tenable Network Security, Inc.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
    if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
    if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 9 on the '"+cpu+"' architecture have not been implemented.");
    
    
    flag = 0;
    if (rpm_check(release:"SUSE9", reference:"clamav-0.94.2-1.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200812-21.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200812-21 (ClamAV: Multiple vulnerabilities) Moritz Jodeit reported an off-by-one error within the get_unicode_name() function in libclamav/vba_extract.c when processing VBA project files (CVE-2008-5050). Ilja van Sprundel reported an infinite recursion error within the cli_check_jpeg_exploit() function in libclamav/special.c when processing JPEG files (CVE-2008-5314). Impact : A remote attacker could send a specially crafted VBA or JPEG file to the clamd daemon, possibly resulting in the remote execution of arbitrary code with the privileges of the user running the application or a Denial of Service. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id35268
    published2008-12-26
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35268
    titleGLSA-200812-21 : ClamAV: Multiple vulnerabilities
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from Gentoo Linux Security Advisory GLSA 200812-21.
    #
    # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.
    # and licensed under the Creative Commons - Attribution / Share Alike 
    # license. See http://creativecommons.org/licenses/by-sa/3.0/
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(35268);
      script_version("1.14");
      script_cvs_date("Date: 2019/08/02 13:32:45");
    
      script_cve_id("CVE-2008-5050", "CVE-2008-5314");
      script_bugtraq_id(32207);
      script_xref(name:"GLSA", value:"200812-21");
    
      script_name(english:"GLSA-200812-21 : ClamAV: Multiple vulnerabilities");
      script_summary(english:"Checks for updated package(s) in /var/db/pkg");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Gentoo host is missing one or more security-related
    patches."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is affected by the vulnerability described in GLSA-200812-21
    (ClamAV: Multiple vulnerabilities)
    
        Moritz Jodeit reported an off-by-one error within the
        get_unicode_name() function in libclamav/vba_extract.c when processing
        VBA project files (CVE-2008-5050). Ilja van Sprundel reported an
        infinite recursion error within the cli_check_jpeg_exploit() function
        in libclamav/special.c when processing JPEG files (CVE-2008-5314).
      
    Impact :
    
        A remote attacker could send a specially crafted VBA or JPEG file to
        the clamd daemon, possibly resulting in the remote execution of
        arbitrary code with the privileges of the user running the application
        or a Denial of Service.
      
    Workaround :
    
        There is no known workaround at this time."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security.gentoo.org/glsa/200812-21"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "All ClamAV users should upgrade to the latest version:
        # emerge --sync
        # emerge --ask --oneshot --verbose '>=app-antivirus/clamav-0.94.2'"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(119, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:clamav");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/12/23");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/12/26");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 Tenable Network Security, Inc.");
      script_family(english:"Gentoo Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("qpkg.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo");
    if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    
    if (qpkg_check(package:"app-antivirus/clamav", unaffected:make_list("ge 0.94.2"), vulnerable:make_list("lt 0.94.2"))) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());
      else security_hole(0);
      exit(0);
    }
    else
    {
      tested = qpkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ClamAV");
    }
    
  • NASL familyGain a shell remotely
    NASL idCLAMAV_0_94_2.NASL
    descriptionAccording to its version, the clamd antivirus daemon on the remote host is earlier than 0.94.2. There is a recursive stack overflow involving the JPEG parsing code in such versions. A remote attacker may be able to leverage this issue to cause the application to recursively scan a specially crafted JPEG, which will eventually cause it to crash.
    last seen2020-06-01
    modified2020-06-02
    plugin id35009
    published2008-12-03
    reporterThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35009
    titleClamAV < 0.94.2 cli_check_jpeg_exploit() Malformed JPEG File DoS
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(35009);
      script_version("1.16");
      script_cvs_date("Date: 2018/07/06 11:26:07");
    
      script_cve_id("CVE-2008-5314");
      script_bugtraq_id(32555);
      script_xref(name:"Secunia", value:"32926");
    
      script_name(english:"ClamAV < 0.94.2 cli_check_jpeg_exploit() Malformed JPEG File DoS");
      script_summary(english:"Sends a VERSION command to clamd");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote antivirus service is vulnerable to a denial of service
    attack.");
      script_set_attribute(attribute:"description", value:
    "According to its version, the clamd antivirus daemon on the remote
    host is earlier than 0.94.2. There is a recursive stack overflow
    involving the JPEG parsing code in such versions. A remote attacker
    may be able to leverage this issue to cause the application to
    recursively scan a specially crafted JPEG, which will eventually cause
    it to crash.");
      script_set_attribute(attribute:"see_also", value:"https://bugzilla.clamav.net/show_bug.cgi?id=1266");
      # http://web.archive.org/web/20080723153709/http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?91209430"); # look for bb#1266
      script_set_attribute(attribute:"solution", value:"Upgrade to ClamAV 0.94.2 or later.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_cwe_id(399);
    
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/12/03");
    
      script_set_attribute(attribute:"potential_vulnerability", value:"true");
      script_set_attribute(attribute:"plugin_type", value:"remote");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:clamav:clamav");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Gain a shell remotely");
    
      script_copyright(english:"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.");
    
      script_dependencies("find_service2.nasl");
      script_require_keys("Settings/ParanoidReport");
      script_require_ports("Services/clamd", 3310);
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    
    
    # nb: banner checks of open source software are prone to false-
    #     positives so only run the check if reporting is paranoid.
    if (report_paranoia < 2) audit(AUDIT_PARANOID);
    
    
    port = get_kb_item("Services/clamd");
    if (!port) port = 3310;
    if (!get_port_state(port)) exit(0);
    
    
    # Establish a connection.
    soc = open_sock_tcp(port);
    if (!soc) exit(0);
    
    
    # Send a VERSION command.
    req = "VERSION";
    send(socket:soc, data:req+'\r\n');
    
    res = recv_line(socket:soc, length:128);
    if (!strlen(res) || "ClamAV " >!< res) exit(0);
    
    
    # Check the version.
    version = strstr(res, "ClamAV ") - "ClamAV ";
    if ("/" >< version) version = version - strstr(version, "/");
    
    if (version =~ "^0\.(([0-9]|[0-8][0-9]|9[0-3])($|[^0-9])|94(\.1)?($|[^0-9.]))")
    {
      if (report_verbosity)
      {
        report = string(
          "\n",
          "ClamAV version ", version, " appears to be running on the remote host based on\n",
          "the following response to a 'VERSION' command :\n",
          "\n",
          "  ", res, "\n"
        );
        security_warning(port:port, extra:report);
      }
      else security_warning(port);
    }
    
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2009-001.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5 or 10.4 that does not have Security Update 2009-001 applied. This security update contains fixes for the following products : - AFP Server - Apple Pixlet Video - CarbonCore - CFNetwork - Certificate Assistant - ClamAV - CoreText - CUPS - DS Tools - fetchmail - Folder Manager - FSEvents - Network Time - perl - Printing - python - Remote Apple Events - Safari RSS - servermgrd - SMB - SquirrelMail - X11 - XTerm
    last seen2020-06-01
    modified2020-06-02
    plugin id35684
    published2009-02-13
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35684
    titleMac OS X Multiple Vulnerabilities (Security Update 2009-001)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    if (!defined_func("bn_random")) exit(0);
    if (NASL_LEVEL < 3004) exit(0);
    
    include("compat.inc");
    
    if (description)
    {
      script_id(35684);
      script_version("1.32");
      script_cvs_date("Date: 2018/07/16 12:48:31");
    
      script_cve_id("CVE-2006-1861", "CVE-2006-3467", "CVE-2007-1351", "CVE-2007-1352", "CVE-2007-1667",
                    "CVE-2007-4565", "CVE-2007-4965", "CVE-2008-1377", "CVE-2008-1379", "CVE-2008-1679",
                    "CVE-2008-1721", "CVE-2008-1806", "CVE-2008-1807", "CVE-2008-1808", "CVE-2008-1887",
                    "CVE-2008-1927", "CVE-2008-2315", "CVE-2008-2316", "CVE-2008-2360", "CVE-2008-2361",
                    "CVE-2008-2362", "CVE-2008-2379", "CVE-2008-2711", "CVE-2008-3142", "CVE-2008-3144",
                    "CVE-2008-3663", "CVE-2008-4864", "CVE-2008-5031", "CVE-2008-5050", "CVE-2008-5183",
                    "CVE-2008-5314", "CVE-2009-0009", "CVE-2009-0011", "CVE-2009-0012", "CVE-2009-0013",
                    "CVE-2009-0014", "CVE-2009-0015", "CVE-2009-0017", "CVE-2009-0018", "CVE-2009-0019",
                    "CVE-2009-0020", "CVE-2009-0137", "CVE-2009-0138", "CVE-2009-0139", "CVE-2009-0140",
                    "CVE-2009-0141", "CVE-2009-0142");
      script_bugtraq_id(25495, 25696, 28715, 28749, 28928, 29705, 30491, 31976, 32207, 32555,
                        33187, 33796, 33798, 33800, 33806, 33808, 33809, 33810, 33811, 33812,
                        33813, 33814, 33815, 33816, 33820, 33821);
    
      script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2009-001)");
      script_summary(english:"Check for the presence of Security Update 2009-001");
    
      script_set_attribute(  attribute:"synopsis",   value:
    "The remote host is missing a Mac OS X update that fixes various
    security issues."  );
      script_set_attribute( attribute:"description", value:
    "The remote host is running a version of Mac OS X 10.5 or 10.4 that
    does not have Security Update 2009-001 applied.
    
    This security update contains fixes for the following products :
    
      - AFP Server
      - Apple Pixlet Video
      - CarbonCore
      - CFNetwork
      - Certificate Assistant
      - ClamAV
      - CoreText
      - CUPS
      - DS Tools
      - fetchmail
      - Folder Manager
      - FSEvents
      - Network Time
      - perl
      - Printing
      - python
      - Remote Apple Events
      - Safari RSS
      - servermgrd
      - SMB
      - SquirrelMail
      - X11
      - XTerm"  );
      script_set_attribute(
        attribute:"see_also", 
        value:"http://support.apple.com/kb/ht3438"
      );
      script_set_attribute(
        attribute:"see_also", 
        value:"http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html"
      );
      script_set_attribute( attribute:"solution", value:
        "Install Security Update 2009-001 or later." );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(20, 79, 119, 189, 255, 264, 287, 310, 362, 399);
      script_set_attribute(attribute:"plugin_publication_date", value: "2009/02/13");
      script_set_attribute(attribute:"patch_publication_date", value: "2009/02/12");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
      script_copyright(english:"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/MacOSX/packages", "Host/uname");
      exit(0);
    }
    
    #
    
    uname = get_kb_item("Host/uname");
    if (!uname) exit(1, "The 'Host/uname' KB item is missing.");
    
    if (egrep(pattern:"Darwin.* (8\.[0-9]\.|8\.1[01]\.)", string:uname))
    {
      packages = get_kb_item("Host/MacOSX/packages");
      if (!packages) exit(1, "The 'Host/MacOSX/packages' KB item is missing.");
    
      if (egrep(pattern:"^SecUpd(Srvr)?(2009-00[1-9]|20[1-9][0-9]-)", string:packages))
        exit(0, "The host has Security Update 2009-001 or later installed and therefore is not affected.");
      else
        security_hole(0);
    }
    else if (egrep(pattern:"Darwin.* (9\.[0-6]\.)", string:uname))
    {
      packages = get_kb_item("Host/MacOSX/packages/boms");
      if (!packages) exit(1, "The 'Host/MacOSX/packages/boms' KB item is missing.");
    
      if (egrep(pattern:"^com\.apple\.pkg\.update\.security\.(2009\.00[1-9]|20[1-9][0-9]\.[0-9]+)\.bom", string:packages))
        exit(0, "The host has Security Update 2009-001 or later installed and therefore is not affected.");
      else
        security_hole(0);
    }
    else exit(0, "The host is not affected.");
    
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1680.NASL
    descriptionMoritz Jodeit discovered that ClamAV, an anti-virus solution, suffers from an off-by-one-error in its VBA project file processing, leading to a heap-based buffer overflow and potentially arbitrary code execution (CVE-2008-5050 ). Ilja van Sprundel discovered that ClamAV contains a denial of service condition in its JPEG file processing because it does not limit the recursion depth when processing JPEG thumbnails (CVE-2008-5314 ).
    last seen2020-06-01
    modified2020-06-02
    plugin id35033
    published2008-12-04
    reporterThis script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/35033
    titleDebian DSA-1680-1 : clamav - buffer overflow, stack consumption
    code
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-1680. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(35033);
      script_version("1.13");
      script_cvs_date("Date: 2019/08/02 13:32:21");
    
      script_cve_id("CVE-2008-5050", "CVE-2008-5314");
      script_bugtraq_id(32207);
      script_xref(name:"DSA", value:"1680");
    
      script_name(english:"Debian DSA-1680-1 : clamav - buffer overflow, stack consumption");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Moritz Jodeit discovered that ClamAV, an anti-virus solution, suffers
    from an off-by-one-error in its VBA project file processing, leading
    to a heap-based buffer overflow and potentially arbitrary code
    execution (CVE-2008-5050 ).
    
    Ilja van Sprundel discovered that ClamAV contains a denial of service
    condition in its JPEG file processing because it does not limit the
    recursion depth when processing JPEG thumbnails (CVE-2008-5314 )."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505134"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507624"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-5050"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://security-tracker.debian.org/tracker/CVE-2008-5314"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2008/dsa-1680"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the clamav packages.
    
    For the stable distribution (etch), these problems have been fixed in
    version 0.90.1dfsg-4etch16."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(119, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:clamav");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2008/12/04");
      script_set_attribute(attribute:"plugin_publication_date", value:"2008/12/04");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2008-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"4.0", prefix:"clamav", reference:"0.90.1dfsg-4etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-base", reference:"0.90.1dfsg-4etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-daemon", reference:"0.90.1dfsg-4etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-dbg", reference:"0.90.1dfsg-4etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-docs", reference:"0.90.1dfsg-4etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-freshclam", reference:"0.90.1dfsg-4etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-milter", reference:"0.90.1dfsg-4etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"clamav-testfiles", reference:"0.90.1dfsg-4etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"libclamav-dev", reference:"0.90.1dfsg-4etch16")) flag++;
    if (deb_check(release:"4.0", prefix:"libclamav2", reference:"0.90.1dfsg-4etch16")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-684-1.NASL
    descriptionIlja van Sprundel discovered that ClamAV did not handle recursive JPEG information. If a remote attacker sent a specially crafted JPEG file, ClamAV would crash, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id37977
    published2009-04-23
    reporterUbuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/37977
    titleUbuntu 8.10 : clamav vulnerability (USN-684-1)
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2008-239.NASL
    descriptionIlja van Sprundel found that ClamAV contained a denial of service vulnerability in how it handled processing JPEG files, due to it not limiting the recursion depth when processing JPEG thumbnails (CVE-2008-5314). Other bugs have also been corrected in 0.94.2 which is being provided with this update.
    last seen2020-06-01
    modified2020-06-02
    plugin id37414
    published2009-04-23
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/37414
    titleMandriva Linux Security Advisory : clamav (MDVSA-2008:239)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_CLAMAV-5843.NASL
    descriptionSpecially crafted jpg files could crash the clamd daemon of clamav. (CVE-2008-5314)
    last seen2020-06-01
    modified2020-06-02
    plugin id35103
    published2008-12-15
    reporterThis script is Copyright (C) 2008-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/35103
    titleopenSUSE 10 Security Update : clamav (clamav-5843)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_CLAMAV-081204.NASL
    descriptionSpecially crafted jpg files could crash the clamd daemon of clamav. (CVE-2008-5314)
    last seen2020-06-01
    modified2020-06-02
    plugin id39933
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39933
    titleopenSUSE Security Update : clamav (clamav-357)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_CLAMAV-5842.NASL
    descriptionSpecially crafted jpg files could crash the clamd daemon of clamav. (CVE-2008-5314)
    last seen2020-06-01
    modified2020-06-02
    plugin id41485
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41485
    titleSuSE 10 Security Update : ClamAV (ZYPP Patch Number 5842)

References