Vulnerabilities > CVE-2018-15378 - Out-of-bounds Read vulnerability in multiple products
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11()" function (libclamav/mew.c), which can be exploited to trigger an invalid read memory access via a specially crafted EXE file.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Overread Buffers An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2018-847FE2ED61.NASL description ClamAV 0.100.2 has been released! This is a patch release to address several vulnerabilities. Fixes for the following ClamAV vulnerabilities: CVE-2018-15378: Vulnerability in ClamAV last seen 2020-06-05 modified 2019-01-03 plugin id 120579 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120579 title Fedora 29 : clamav (2018-847fe2ed61) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory FEDORA-2018-847fe2ed61. # include("compat.inc"); if (description) { script_id(120579); script_version("1.4"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/04"); script_cve_id("CVE-2018-14679", "CVE-2018-14680", "CVE-2018-14681", "CVE-2018-14682", "CVE-2018-15378"); script_xref(name:"FEDORA", value:"2018-847fe2ed61"); script_name(english:"Fedora 29 : clamav (2018-847fe2ed61)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "ClamAV 0.100.2 has been released! This is a patch release to address several vulnerabilities. Fixes for the following ClamAV vulnerabilities: CVE-2018-15378: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition on an affected device. Reported by Secunia Research at Flexera. Fix for a two-byte buffer over-read bug in ClamAV's PDF parsing code. Reported by Alex Gaynor. Fixes for the following vulnerabilities in bundled third-party libraries: CVE-2018-14680: An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames. CVE-2018-14681: An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one- or two-byte overwrite. CVE-2018-14682: An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression. Additionally, 0.100.2 reverted 0.100.1's patch for CVE-2018-14679, and applied libmspack's version of the fix in its place Other changes: Some users have reported freshclam signature update failures as a result of a delay between the time the new signature database content is announced and the time that the content-delivery-network has the content available for download. To mitigate these errors, this patch release includes some modifications to freshclam to make it more lenient, and to reduce the time that freshclam will ignore a mirror when it detects an issue. On-Access 'Extra Scanning,' an opt-in minor feature of OnAccess scanning on Linux systems, has been disabled due to a known issue with resource cleanup OnAccessExtraScanning will be re-enabled in a future release when the issue is resolved. In the mean-time, users who enabled the feature in clamd.conf will see a warning informing them that the feature is not active. For details, click here. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2018-847fe2ed61" ); script_set_attribute( attribute:"solution", value:"Update the affected clamav package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:clamav"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:29"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/28"); script_set_attribute(attribute:"patch_publication_date", value:"2018/10/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/03"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! preg(pattern:"^29([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 29", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC29", reference:"clamav-0.100.2-2.fc29")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_WARNING, extra : rpm_report_get() ); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav"); }
NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-3441-1.NASL description This update for clamav fixes the following issues : Clamav was updated to version 0.100.2 : CVE-2018-15378: Vulnerability in ClamAV last seen 2020-06-01 modified 2020-06-02 plugin id 118455 published 2018-10-26 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118455 title SUSE SLES11 Security Update : clamav (SUSE-SU-2018:3441-1) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from SUSE update advisory SUSE-SU-2018:3441-1. # The text itself is copyright (C) SUSE. # include("compat.inc"); if (description) { script_id(118455); script_version("1.3"); script_cvs_date("Date: 2019/09/10 13:51:49"); script_cve_id("CVE-2018-14680", "CVE-2018-14681", "CVE-2018-14682", "CVE-2018-15378"); script_name(english:"SUSE SLES11 Security Update : clamav (SUSE-SU-2018:3441-1)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote SUSE host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "This update for clamav fixes the following issues : Clamav was updated to version 0.100.2 : CVE-2018-15378: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. (bsc#1110723) CVE-2018-14680, CVE-2018-14681, CVE-2018-14682: more fixes for embedded libmspack. (bsc#1103040) Make freshclam more robust against lagging signature mirrors. On-Access 'Extra Scanning', an opt-in minor feature of OnAccess scanning on Linux systems, has been disabled due to a known issue with resource cleanup OnAccessExtraScanning will be re-enabled in a future release when the issue is resolved. In the mean-time, users who enabled the feature in clamd.conf will see a warning informing them that the feature is not active. For details, see: https://bugzilla.clamav.net/show_bug.cgi?id=12048 Restore exit code compatibility of freshclam with versions before 0.100.0 when the virus database is already up to date (bsc#1104457). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.clamav.net/show_bug.cgi?id=12048" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1103040" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1104457" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.suse.com/show_bug.cgi?id=1110723" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14680/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14681/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-14682/" ); script_set_attribute( attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2018-15378/" ); # https://www.suse.com/support/update/announcement/2018/suse-su-20183441-1/ script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?17789526" ); script_set_attribute( attribute:"solution", value: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or 'zypper patch'. Alternatively you can run the command listed for your product : SUSE Linux Enterprise Server 11-SP4:zypper in -t patch slessp4-clamav-13841=1 SUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch slessp3-clamav-13841=1 SUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch sleposp3-clamav-13841=1 SUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch dbgsp4-clamav-13841=1 SUSE Linux Enterprise Debuginfo 11-SP3:zypper in -t patch dbgsp3-clamav-13841=1" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:clamav"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/28"); script_set_attribute(attribute:"patch_publication_date", value:"2018/10/25"); script_set_attribute(attribute:"plugin_publication_date", value:"2018/10/26"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE"); os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE"); os_ver = os_ver[1]; if (! preg(pattern:"^(SLES11)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES11", "SUSE " + os_ver); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu); sp = get_kb_item("Host/SuSE/patchlevel"); if (isnull(sp)) sp = "0"; if (os_ver == "SLES11" && (! preg(pattern:"^(3|4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES11 SP3/4", os_ver + " SP" + sp); flag = 0; if (rpm_check(release:"SLES11", sp:"4", reference:"clamav-0.100.2-0.20.18.1")) flag++; if (rpm_check(release:"SLES11", sp:"3", reference:"clamav-0.100.2-0.20.18.1")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav"); }
NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-821.NASL description This update for clamav fixes the following issues : clamav was updated to version 0.100.2. Following security issues were fixed : - CVE-2018-15378: Vulnerability in ClamAV last seen 2020-06-01 modified 2020-06-02 plugin id 123346 published 2019-03-27 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123346 title openSUSE Security Update : clamav (openSUSE-2019-821) code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update openSUSE-2019-821. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(123346); script_version("1.2"); script_cvs_date("Date: 2020/01/30"); script_cve_id("CVE-2018-14680", "CVE-2018-14681", "CVE-2018-14682", "CVE-2018-15378"); script_name(english:"openSUSE Security Update : clamav (openSUSE-2019-821)"); script_summary(english:"Check for the openSUSE-2019-821 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update for clamav fixes the following issues : clamav was updated to version 0.100.2. Following security issues were fixed : - CVE-2018-15378: Vulnerability in ClamAV's MEW unpacking feature that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. (bsc#1110723) - CVE-2018-14680, CVE-2018-14681, CVE-2018-14682: more fixes for embedded libmspack. (bsc#1103040) Following non-security issues were addressed : - Make freshclam more robust against lagging signature mirrors. - On-Access 'Extra Scanning', an opt-in minor feature of OnAccess scanning on Linux systems, has been disabled due to a known issue with resource cleanup OnAccessExtraScanning will be re-enabled in a future release when the issue is resolved. In the mean-time, users who enabled the feature in clamd.conf will see a warning informing them that the feature is not active. For details, see: https://bugzilla.clamav.net/show_bug.cgi?id=12048 - Restore exit code compatibility of freshclam with versions before 0.100.0 when the virus database is already up to date (bsc#1104457) This update was imported from the SUSE:SLE-15:Update update project." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.clamav.net/show_bug.cgi?id=12048" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1103040" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1104457" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1110723" ); script_set_attribute( attribute:"solution", value:"Update the affected clamav packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"); script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav-debugsource"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:clamav-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libclamav7"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libclamav7-debuginfo"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libclammspack0"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libclammspack0-debuginfo"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.0"); script_set_attribute(attribute:"vuln_publication_date", value:"2018/07/28"); script_set_attribute(attribute:"patch_publication_date", value:"2019/03/23"); script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/27"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE15\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(x86_64)$") audit(AUDIT_ARCH_NOT, "x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE15.0", reference:"clamav-0.100.2-lp150.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"clamav-debuginfo-0.100.2-lp150.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"clamav-debugsource-0.100.2-lp150.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"clamav-devel-0.100.2-lp150.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libclamav7-0.100.2-lp150.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libclamav7-debuginfo-0.100.2-lp150.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libclammspack0-0.100.2-lp150.2.6.1") ) flag++; if ( rpm_check(release:"SUSE15.0", reference:"libclammspack0-debuginfo-0.100.2-lp150.2.6.1") ) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav / clamav-debuginfo / clamav-debugsource / clamav-devel / etc"); }
NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2019-1146.NASL description An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.(CVE-2018-14681) An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.(CVE-2018-14682) An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.(CVE-2018-14680) A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service (DoS) condition. The vulnerability is due to an error related to the MEW unpacker within the last seen 2020-03-17 modified 2019-01-14 plugin id 121131 published 2019-01-14 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121131 title Amazon Linux AMI : clamav (ALAS-2019-1146) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3789-1.NASL description It was discovered that ClamAV incorrectly handled unpacking MEW executables. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 118082 published 2018-10-12 reporter Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118082 title Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : clamav vulnerability (USN-3789-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-1310.NASL description This update for clamav fixes the following issues : clamav was updated to version 0.100.2 : - CVE-2018-15378: Vulnerability in ClamAV last seen 2020-06-05 modified 2018-10-29 plugin id 118483 published 2018-10-29 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118483 title openSUSE Security Update : clamav (openSUSE-2018-1310) NASL family Fedora Local Security Checks NASL id FEDORA_2018-EFF94DA132.NASL description ClamAV 0.100.2 has been released! This is a patch release to address several vulnerabilities. Fixes for the following ClamAV vulnerabilities: CVE-2018-15378: Vulnerability in ClamAV last seen 2020-06-05 modified 2019-01-03 plugin id 120891 published 2019-01-03 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120891 title Fedora 28 : clamav (2018-eff94da132) NASL family Fedora Local Security Checks NASL id FEDORA_2018-1FC39F2D13.NASL description ClamAV 0.100.2 has been released! This is a patch release to address several vulnerabilities. Fixes for the following ClamAV vulnerabilities: CVE-2018-15378: Vulnerability in ClamAV last seen 2020-06-05 modified 2018-10-17 plugin id 118159 published 2018-10-17 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118159 title Fedora 27 : clamav (2018-1fc39f2d13) NASL family SuSE Local Security Checks NASL id OPENSUSE-2018-1227.NASL description This update for clamav fixes the following issues : clamav was updated to version 0.100.2. Following security issues were fixed : - CVE-2018-15378: Vulnerability in ClamAV last seen 2020-06-05 modified 2018-10-24 plugin id 118342 published 2018-10-24 reporter This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118342 title openSUSE Security Update : clamav (openSUSE-2018-1227) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-1553.NASL description ClamAV is an anti-virus utility for Unix, whose upstream developers have released the version 0.100.2. Installing this new version is required to make use of all current virus signatures and to avoid warnings. This version also fixes a security issue discovered after version 0.100.1 : CVE-2018-15378 : A vulnerability in ClamAV last seen 2020-06-01 modified 2020-06-02 plugin id 118364 published 2018-10-25 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118364 title Debian DLA-1553-1 : clamav security update NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-3436-1.NASL description This update for clamav fixes the following issues : clamav was updated to version 0.100.2 : CVE-2018-15378: Vulnerability in ClamAV last seen 2020-06-01 modified 2020-06-02 plugin id 118454 published 2018-10-26 reporter This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/118454 title SUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2018:3436-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2018-3250-1.NASL description This update for clamav fixes the following issues : clamav was updated to version 0.100.2. Following security issues were fixed : CVE-2018-15378: Vulnerability in ClamAV last seen 2020-03-18 modified 2019-01-02 plugin id 120135 published 2019-01-02 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/120135 title SUSE SLED15 / SLES15 Security Update : clamav (SUSE-SU-2018:3250-1) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201904-12.NASL description The remote host is affected by the vulnerability described in GLSA-201904-12 (ClamAV: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 123984 published 2019-04-11 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123984 title GLSA-201904-12 : ClamAV: Multiple vulnerabilities NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_8B812395C73911E8AB5B9C5C8E75236A.NASL description Joel Esler reports : - CVE-2018-15378 : - Vulnerability in ClamAV last seen 2020-06-01 modified 2020-06-02 plugin id 117911 published 2018-10-04 reporter This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/117911 title FreeBSD : clamav -- multiple vulnerabilities (8b812395-c739-11e8-ab5b-9c5c8e75236a)
References
- https://bugzilla.clamav.net/show_bug.cgi?id=12170
- https://lists.debian.org/debian-lts-announce/2018/10/msg00014.html
- https://secuniaresearch.flexerasoftware.com/advisories/83000/
- https://security.gentoo.org/glsa/201904-12
- https://usn.ubuntu.com/3789-1/
- https://usn.ubuntu.com/3789-2/
- https://www.flexera.com/company/secunia-research/advisories/SR-2018-23.html