Boletines de Vulnerabilidades |
Desbordamiento de búfer en ClamAV |
|
Clasificación de la vulnerabilidad |
|
Propiedad | Valor |
Nivel de Confianza | Oficial |
Impacto | Obtener acceso |
Dificultad | Experto |
Requerimientos del atacante | Acceso remoto sin cuenta a un servicio exotico |
Información sobre el sistema |
|
Propiedad | Valor |
Fabricante afectado | GNU/Linux |
Software afectado | ClamAV 0.80 - 0.88.1 |
Descripción |
|
Se ha descubierto una vulnerabilidad de tipo desbordamiento de búfer en ClamAV 0.80 hasta 0.88.1. La vulnerabilidad reside en un error en la función "get_database" del cliente HTTP Freshclam. Un atacante remoto podría causar una denegación de servicio o ejecutar código arbitrario mediante un servidor HTTP especialmente diseñado donde debería conectar el usuario víctima. |
|
Solución |
|
Actualización de software Mandriva Corporate Server 3.0 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/clamav-0.88.2-0.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/clamav-db-0.88.2-0.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/clamav-milter-0.88.2-0.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/clamd-0.88.2-0.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libclamav1-0.88.2-0.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/RPMS/libclamav1-devel-0.88.2-0.1.C30mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/corporate/3.0/SRPMS/clamav-0.88.2-0.1.C30mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/clamav-0.88.2-0.1.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/clamav-db-0.88.2-0.1.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/clamav-milter-0.88.2-0.1.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/clamd-0.88.2-0.1.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/lib64clamav1-0.88.2-0.1.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/RPMS/lib64clamav1-devel-0.88.2-0.1.C30mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/corporate/3.0/SRPMS/clamav-0.88.2-0.1.C30mdk.src.rpm Mandrivalinux LE2005 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/clamav-0.88.2-0.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/clamav-db-0.88.2-0.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/clamav-milter-0.88.2-0.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/clamd-0.88.2-0.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/libclamav1-0.88.2-0.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/RPMS/libclamav1-devel-0.88.2-0.1.102mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/10.2/SRPMS/clamav-0.88.2-0.1.102mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/clamav-0.88.2-0.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/clamav-db-0.88.2-0.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/clamav-milter-0.88.2-0.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/clamd-0.88.2-0.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/lib64clamav1-0.88.2-0.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/RPMS/lib64clamav1-devel-0.88.2-0.1.102mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/10.2/SRPMS/clamav-0.88.2-0.1.102mdk.src.rpm Mandrivalinux 2006 X86 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/clamav-0.88.2-0.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/clamav-db-0.88.2-0.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/clamav-milter-0.88.2-0.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/clamd-0.88.2-0.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/libclamav1-0.88.2-0.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/RPMS/libclamav1-devel-0.88.2-0.1.20060mdk.i586.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/2006.0/SRPMS/clamav-0.88.2-0.1.20060mdk.src.rpm X86_64 ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/clamav-0.88.2-0.1.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/clamav-db-0.88.2-0.1.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/clamav-milter-0.88.2-0.1.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/clamd-0.88.2-0.1.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/lib64clamav1-0.88.2-0.1.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/RPMS/lib64clamav1-devel-0.88.2-0.1.20060mdk.x86_64.rpm ftp://ftp.ps.pl/mirrors/Mandrakelinux/official/updates/x86_64/2006.0/SRPMS/clamav-0.88.2-0.1.20060mdk.src.rpm Debian Debian Linux 3.1 Source http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9.dsc http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9.diff.gz http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84.orig.tar.gz Architecture independent http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.84-2.sarge.9_all.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.84-2.sarge.9_all.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.84-2.sarge.9_all.deb Alpha http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9_alpha.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.9_alpha.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.9_alpha.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.9_alpha.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.9_alpha.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.9_alpha.deb AMD64 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9_amd64.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.9_amd64.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.9_amd64.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.9_amd64.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.9_amd64.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.9_amd64.deb ARM http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9_arm.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.9_arm.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.9_arm.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.9_arm.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.9_arm.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.9_arm.deb Intel IA-32 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9_i386.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.9_i386.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.9_i386.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.9_i386.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.9_i386.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.9_i386.deb Intel IA-64 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9_ia64.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.9_ia64.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.9_ia64.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.9_ia64.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.9_ia64.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.9_ia64.deb HP Precision http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9_hppa.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.9_hppa.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.9_hppa.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.9_hppa.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.9_hppa.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.9_hppa.deb Motorola 680x0 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9_m68k.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.9_m68k.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.9_m68k.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.9_m68k.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.9_m68k.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.9_m68k.deb Big endian MIPS http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9_mips.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.9_mips.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.9_mips.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.9_mips.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.9_mips.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.9_mips.deb Little endian MIPS http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9_mipsel.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.9_mipsel.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.9_mipsel.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.9_mipsel.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.9_mipsel.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.9_mipsel.deb PowerPC http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9_powerpc.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.9_powerpc.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.9_powerpc.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.9_powerpc.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.9_powerpc.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.9_powerpc.deb IBM S/390 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9_s390.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.9_s390.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.9_s390.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.9_s390.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.9_s390.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.9_s390.deb Sun Sparc http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.9_sparc.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.9_sparc.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.9_sparc.deb http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.9_sparc.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.9_sparc.deb http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.9_sparc.deb Suse Linux Las actualizaciones pueden descargarse mediante YAST o del servidor FTP oficial de Suse Linux Apple Mac OS X Update 10.4.7 Combo Intel http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=10925&cat=1&platform=osx&method=sa/MacOSXUpdCombo10.4.7Intel.dmg Mac OS X Update 10.4.7 Intel http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=10926&cat=1&platform=osx&method=sa/MacOSXUpd10.4.7Intel.dmg Mac OS X Update 10.4.7 Combo PPC http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=10927&cat=1&platform=osx&method=sa/MacOSXUpdCombo10.4.7PPC.dmg Mac OS X Update 10.4.7 PPC http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=10928&cat=1&platform=osx&method=sa/MacOSXUpd10.4.7PPC.dmg Mac OS X Server Update 10.4.7 Combo http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=10963&cat=1&platform=osx&method=sa/MacOSXSrvrUpdCombo10.4.7.dmg Mac OS X Server Update 10.4.7 http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=10964&cat=1&platform=osx&method=sa/MacOSXServerUpdate10.4.7.dmg |
|
Identificadores estándar |
|
Propiedad | Valor |
CVE | CVE-2006-1989 |
BID | 17754 |
Recursos adicionales |
|
Mandriva Security Advisory (MDKSA-2006:080) http://www.mandriva.com/security/advisories?name=MDKSA-2006:080 Debian Security Advisory (DSA 1050-1) http://lists.debian.org/debian-security-announce/debian-security-announce-2006/msg00135.html SUSE Security Advisory (SUSE-SR:2006:010) http://www.novell.com/linux/security/advisories/12_may_06.html Apple Security Update http://docs.info.apple.com/article.html?artnum=303973 |
Histórico de versiones |
||
Versión | Comentario | Fecha |
1.0 | Aviso emitido | 2006-05-02 |
1.1 | Aviso emitido por Debian (DSA 1050-1) | 2006-05-04 |
1.2 | Aviso emitido por Suse (SUSE-SR:2006:010) | 2006-05-19 |
1.3 | Aviso emitido por Apple | 2006-06-29 |