int(1666)

Boletines de Vulnerabilidades


Múltiples vulnerabilidades en ClamAV

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Denegación de Servicio
Dificultad Experto
Requerimientos del atacante Acceso remoto sin cuenta a un servicio exotico

Información sobre el sistema

Propiedad Valor
Fabricante afectado GNU/Linux
Software afectado ClamAV <0.86

Descripción

Se han descubierto dos vulnerabilidades en las versiones anteriores a la 0.86 del antivirus ClamAV. Las vulnerabilidades son descritas a continuación:

- CAN-2005-1922: Error de validación de entrada en el manejo de situaciones excepcionales que puede hacer que ClamAV consuma todos los descriptores de archivos así cómo la memoria.

La explotación de esta vulnerabilidad podría permitir a un atacante remoto provocar una situación de denegación de servicio del sistema mediante un archivo especialmente diseñado que puede ser enviado mediante correo electrónico o una sesión HTTP.

- CAN-2005-1923: Error de validación de entrada en el manejo de las cabeceras de los archivos con formato cabinet.

La explotación de esta vulnerabilidad podría permitir a un atacante remoto provocar una situación de denegación de servicio de ClamAV mediante un archivo cabinet especialmente diseñado.

Solución



Actualización de software

ClamAV
ClamAV 0.86
http://www.clamav.net/stable.php#pagestart

Debian Linux

Debian Linux 3.1
Source
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1.dsc
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1.diff.gz
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84.orig.tar.gz
Architecture independent
http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.84-2.sarge.1_all.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.84-2.sarge.1_all.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.84-2.sarge.1_all.deb
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_alpha.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_alpha.deb
arm architecture (ARM)
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_arm.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_arm.deb
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_hppa.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_hppa.deb
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_i386.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_i386.deb
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_ia64.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_ia64.deb
m68k architecture (Motorola Mc680x0)
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_m68k.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_m68k.deb
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_mips.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_mips.deb
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_mipsel.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_mipsel.deb
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_powerpc.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_powerpc.deb
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_s390.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_s390.deb
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_sparc.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_sparc.deb

Debian

Debian Linux 3.1
AMD64
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.1_amd64.deb
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.1_amd64.deb

Identificadores estándar

Propiedad Valor
CVE CAN-2005-1922
CAN-2005-1923
BID

Recursos adicionales

iDEFENSE Security Advisory 06.29.05 ID 276
http://www.idefense.com/application/poi/display?id=276&type=vulnerabilities

iDEFENSE Security Advisory 06.29.05 ID 275
http://www.idefense.com/application/poi/display?id=275&type=vulnerabilities

Debian Security Advisory DSA 737-1
http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00122.html

Debian Security Advisory DSA 773-1
http://lists.debian.org/debian-security-announce/debian-security-announce-2005/msg00160.html

Histórico de versiones

Versión Comentario Fecha
1.0 Aviso emitido 2005-06-30
1.1 Aviso emitido por Debian (DSA 737-1) 2005-07-06
1.2 Aviso emitido por Debian (DSA 773-1) 2005-08-24

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT