[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Fw: [SA10826] Clam AntiVirus UUencoded Message Denial of Service Vulnerability

Subject: [cobalt-users] Fw: [SA10826] Clam AntiVirus UUencoded Message Denial of Service Vulnerability
From: "Franklin S Werren" <fswerren@xxxxxxxxxxxx>
Date: Tue Feb 10 10:27:03 2004
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Since this is used by some in the list.

What is the fix ???


Franklin S. Werren  www.bagpipes.net   www.chautauqualake.net
www.franksradio.net http://stvef.chautauqualake.net
http://rtcw.chautauqualake.net





----- Original Message ----- 
From: "Secunia Security Advisories" <sec-adv@xxxxxxxxxxx>
To: <admin@xxxxxxxxxxxx>
Sent: Tuesday, February 10, 2004 8:14 AM
Subject: [SA10826] Clam AntiVirus UUencoded Message Denial of Service
Vulnerability


>
> TITLE:
> Clam AntiVirus UUencoded Message Denial of Service Vulnerability
>
> SECUNIA ADVISORY ID:
> SA10826
>
> VERIFY ADVISORY:
> http://www.secunia.com/advisories/10826/
>
> CRITICAL:
> Moderately critical
>
> IMPACT:
> DoS
>
> WHERE:
> >From remote
>
> SOFTWARE:
> Clam AntiVirus (clamav) 0.x
>
> DESCRIPTION:
> Oliver Eikemeier has reported a vulnerability in Clam AntiVirus
> (clamav), which can be exploited by malicious people to cause a DoS
> (Denial of Service).
>
> The vulnerability is caused due to an error when handling certain
> malformed uuencoded messages. This can be exploited to crash the
> clamd process by sending a specially crafted message to a vulnerable
> system.
>
> The vulnerability has been reported in version 0.65.
>
> SOLUTION:
> This issue has reportedly been fixed in CVS.
>
> PROVIDED AND/OR DISCOVERED BY:
> Oliver Eikemeier
>
> ORIGINAL ADVISORY:
> http://www.freebsd.org/cgi/query-pr.cgi?pr=62586
>
> ----------------------------------------------------------------------
>
> About:
> This Advisory was delivered by Secunia as a free service to help
> everybody keeping their systems up to date against the latest
> vulnerabilities.
>
> Subscribe:
> http://www.secunia.com/secunia_security_advisories/
>
> Definitions: (Criticality, Where etc.)
> http://www.secunia.com/about_secunia_advisories/
>
>
> Please Note:
> Secunia recommends that you verify all advisories you receive by
> clicking the link.
> Secunia NEVER sends attached files with advisories.
> Secunia does not advise people to install third party patches, only
> use those supplied by the vendor.
>
> ----------------------------------------------------------------------
>
> Unsubscribe: Secunia Security Advisories
> http://www.secunia.com/sec_adv_unsubscribe/?email=admin@xxxxxxxxxxxx
>
> ----------------------------------------------------------------------
>
>

Follow-Ups:
- RE: [cobalt-users] Fw: [SA10826] Clam AntiVirus UUencoded Message Denial of Service Vulnerability
  - From: Dan Kriwitsky
- Re: [cobalt-users] Fw: [SA10826] Clam AntiVirus UUencoded Message Denial of Service Vulnerability
  - From: Jeff Lasman

Prev by Date: [cobalt-users] Re: Please pity a newbie...file permissions
Next by Date: [cobalt-users] Re: Please pity a newbie...file permissions
Previous by thread: RE: [cobalt-users] Re: Please pity a newbie...file permissions
Next by thread: RE: [cobalt-users] Fw: [SA10826] Clam AntiVirus UUencoded Message Denial of Service Vulnerability

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index