
List:       oss-security
Subject:    Re: [oss-security] CVE Request -- Clam AntiVirus -- v0.97.2 --
From:       Josh Bressers <bressers () redhat ! com>
Date:       2011-07-26 20:03:20
Message-ID: 633189304.1604805.1311710600501.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com

Please use CVE-2011-2721.

Thanks.

-- 
    JB

----- Original Message -----
> Hello Josh, Steve, vendors,
> 
> based on:
> [1] http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.2
> 
> an off-by-one error was found in the way the hash manager of Clam
> AntiVirus, a GPL anti-virus toolkit for UNIX, performed scans of
> messages with certain hashes. A remote attacker could provide a
> message with a specially-crafted hash signature in it, leading to
> denial of service (clamscan executable crash).
> 
> Upstream bug report:
> [2] https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2818
> 
> Relevant patch:
> [3] http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=4842733eb3f09be61caeed83778bb6679141dbc5
> 
> Other references:
> [4] https://bugzilla.novell.com/show_bug.cgi?id=708263
> [5] http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.2
> [6] http://www.clamav.net/lang/en/
> [7] https://bugzilla.redhat.com/show_bug.cgi?id=725694
> 
> Note: The rest of the issues fixed in [1] seem to be just bug fixes.
> Cc-ed upstream Clam Antivirus maintainers to confirm this (that
> there is only one issue with security implications) and correct
> the description of the issue, if necessary (just guessing that
> "cli_hm_scan()" stands for
> command_line_interface_hash_manager_scan, since it doesn't seem
> to be described in the code anywhere).
> 
> Josh, Steve, could you allocate a CVE id for this?
> 
> Thank you && Regards, Jan.
> --
> Jan iankko Lieskovsky / Red Hat Security Response Team