-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2008:088 http://www.mandriva.com/security/ _______________________________________________________________________ Package : clamav Date : April 17, 2008 Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0 _______________________________________________________________________ Problem Description: Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.93 release, including: ClamAV 0.92 allowed local users to overwrite arbitrary files via a symlink attack on temporary files or on .ascii files in sigtool, when utf16-decode is enabled (CVE-2007-6595). A heap-based buffer overflow in ClamAV 0.92.1 allowed remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary (CVE-2008-0314). An integer overflow in libclamav prior to 0.92.1 allowed remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggered a heap-based buffer overflow (CVE-2008-0318). An unspecified vulnerability in ClamAV prior to 0.92.1 triggered heap corruption (CVE-2008-0728). A buffer overflow in ClamAV 0.92 and 0.92.1 allowed remote attackers to execute arbitrary code via a crafted Upack PE file (CVE-2008-1100). ClamAV prior to 0.93 allowed remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive (CVE-2008-1387). A heap-based buffer overflow in ClamAV 0.92.1 allowed remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary (CVE-2008-1833). ClamAV prior to 0.93 allowed remote attackers to bypass the scanning engine via a RAR file with an invalid version number (CVE-2008-1835). A vulnerability in rfc2231 handling in ClamAV prior to 0.93 allowed remote attackers to cause a denial of service (crash) via a crafted message that produced a string that was not null terminated, triggering a buffer over-read (CVE-2008-1836). A vulnerability in libclamunrar in ClamAV prior to 0.93 allowed remote attackers to cause a denial of service (crash) via a crafted RAR file (CVE-2008-1837). Other bugs have also been corrected in 0.93 which is being provided with this update. Because this new version has increased the major of the libclamav library, updated dependent packages are also being provided. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6595 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0314 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0318 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0728 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1100 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1833 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1835 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1836 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1837 _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.1: c05a81dbd14d6c600e832d9381037042 2007.1/i586/clamav-0.93-1.1mdv2007.1.i586.rpm db2c84320facc592ffe2c09712b9b971 2007.1/i586/clamav-db-0.93-1.1mdv2007.1.i586.rpm 3699f176cd5b553fec2c42d3ee8e43a2 2007.1/i586/clamav-milter-0.93-1.1mdv2007.1.i586.rpm 58e25a7f7c238bfcccf0deb302a154c7 2007.1/i586/clamd-0.93-1.1mdv2007.1.i586.rpm 365ea7e5fb57bff918f91b7a095972da 2007.1/i586/clamdmon-0.93-1.1mdv2007.1.i586.rpm 1ed1a2b923cb5b628677063fe1463a4f 2007.1/i586/libclamav4-0.93-1.1mdv2007.1.i586.rpm b306ef4cb237f3ae238b2e08c3cca027 2007.1/i586/libclamav-devel-0.93-1.1mdv2007.1.i586.rpm ae5b6bf4ece14eb185ad483b28db3482 2007.1/SRPMS/clamav-0.93-1.1mdv2007.1.src.rpm Mandriva Linux 2007.1/X86_64: a314a7aa7623cb8f41268b5325ca08d9 2007.1/x86_64/clamav-0.93-1.1mdv2007.1.x86_64.rpm 0a7d575891f7557802538686a9db7545 2007.1/x86_64/clamav-db-0.93-1.1mdv2007.1.x86_64.rpm 612941aaafc892e22a41cad2c36cd20e 2007.1/x86_64/clamav-milter-0.93-1.1mdv2007.1.x86_64.rpm 4a65cfc7d7a97e05e9e378ab9e0bcf06 2007.1/x86_64/clamd-0.93-1.1mdv2007.1.x86_64.rpm 45b344ea9cbe23009431a20db3daafaa 2007.1/x86_64/clamdmon-0.93-1.1mdv2007.1.x86_64.rpm 54e4b12eae908918f6d4af54f0b2d5cc 2007.1/x86_64/lib64clamav4-0.93-1.1mdv2007.1.x86_64.rpm 43c30707c55ef4c133d1ca2fbb160bb6 2007.1/x86_64/lib64clamav-devel-0.93-1.1mdv2007.1.x86_64.rpm ae5b6bf4ece14eb185ad483b28db3482 2007.1/SRPMS/clamav-0.93-1.1mdv2007.1.src.rpm Mandriva Linux 2008.0: f75515856969d475a2867a6160582620 2008.0/i586/clamav-0.93-1.1mdv2008.0.i586.rpm 7070d5576d131fea390c83cbdd30333c 2008.0/i586/clamav-db-0.93-1.1mdv2008.0.i586.rpm 262802e3de79f9533a0b0c62d9d1ee52 2008.0/i586/clamav-milter-0.93-1.1mdv2008.0.i586.rpm 076a6d8a31fd1619ff1ddef8ffd1bd35 2008.0/i586/clamd-0.93-1.1mdv2008.0.i586.rpm 26f01fa17c005b3cb13725931ebe13b3 2008.0/i586/clamdmon-0.93-1.1mdv2008.0.i586.rpm 38bf9968cf43ec266a999dfded7aee93 2008.0/i586/klamav-0.42-1.1mdv2008.0.i586.rpm 5258cd6add37130c1a57b39f9f267352 2008.0/i586/libclamav4-0.93-1.1mdv2008.0.i586.rpm 4fe6ee0301ba35592474da4104e397c8 2008.0/i586/libclamav-devel-0.93-1.1mdv2008.0.i586.rpm 2c1996c405552074dd62b41709f1813c 2008.0/SRPMS/clamav-0.93-1.1mdv2008.0.src.rpm 1ebf15643ffcd4529b40bdda43b29ad3 2008.0/SRPMS/klamav-0.42-1.1mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 0bc656b56619edac79befcd6ec53c3aa 2008.0/x86_64/clamav-0.93-1.1mdv2008.0.x86_64.rpm 37f0ef87fea5cd6c308fc08d05424daa 2008.0/x86_64/clamav-db-0.93-1.1mdv2008.0.x86_64.rpm e2a67e07d8004edde97885bf72a3691f 2008.0/x86_64/clamav-milter-0.93-1.1mdv2008.0.x86_64.rpm 5188e9cdded076959750aee1bad9c3bc 2008.0/x86_64/clamd-0.93-1.1mdv2008.0.x86_64.rpm 17078a967a86b8e2f5040cf5d9c0245c 2008.0/x86_64/clamdmon-0.93-1.1mdv2008.0.x86_64.rpm b8ff5180ec750039d7c5f5100bbabebd 2008.0/x86_64/klamav-0.42-1.1mdv2008.0.x86_64.rpm 195724b3f050dd731a765e59436e9fe4 2008.0/x86_64/lib64clamav4-0.93-1.1mdv2008.0.x86_64.rpm 6285511ac80b0cac79f6cc2818113097 2008.0/x86_64/lib64clamav-devel-0.93-1.1mdv2008.0.x86_64.rpm 2c1996c405552074dd62b41709f1813c 2008.0/SRPMS/clamav-0.93-1.1mdv2008.0.src.rpm 1ebf15643ffcd4529b40bdda43b29ad3 2008.0/SRPMS/klamav-0.42-1.1mdv2008.0.src.rpm Mandriva Linux 2008.1: 2291dc10dfa99af51d48b70f03da9fa7 2008.1/i586/clamav-0.93-1.1mdv2008.1.i586.rpm e08e441ce02bb89bba6f623732306bd5 2008.1/i586/clamav-db-0.93-1.1mdv2008.1.i586.rpm c410e5c2b1a201e06473e815ff4aa158 2008.1/i586/clamav-milter-0.93-1.1mdv2008.1.i586.rpm fd7bbda7a9fab54a113480917b3c41da 2008.1/i586/clamd-0.93-1.1mdv2008.1.i586.rpm 67470d87ea76b57aaf661155488708f1 2008.1/i586/clamdmon-0.93-1.1mdv2008.1.i586.rpm 23a50fb03269c120caeabe858f59ee7a 2008.1/i586/dansguardian-2.9.9.2-4.1mdv2008.1.i586.rpm b46316a4c2fb1ad6003dd40097de6b96 2008.1/i586/klamav-0.42-1.1mdv2008.1.i586.rpm 4b1801edc1f911495720dacd4cc6bb53 2008.1/i586/libclamav4-0.93-1.1mdv2008.1.i586.rpm 98fcb6acf0c7798df6d1cb3aa4b56c2f 2008.1/i586/libclamav-devel-0.93-1.1mdv2008.1.i586.rpm a37b7a66fc50ba007970d77d138b7d3e 2008.1/SRPMS/clamav-0.93-1.1mdv2008.1.src.rpm ba0171405e2d68adb7d8625537fa2453 2008.1/SRPMS/dansguardian-2.9.9.2-4.1mdv2008.1.src.rpm 02d57d169add2ffbb1af006449c98826 2008.1/SRPMS/klamav-0.42-1.1mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: 8786af4394da5e00505d3046a5bbd264 2008.1/x86_64/clamav-0.93-1.1mdv2008.1.x86_64.rpm 0252521a932b5f34dc2ee2c48d65ce9b 2008.1/x86_64/clamav-db-0.93-1.1mdv2008.1.x86_64.rpm ebd8402e9726e03fcbd2f590b839b739 2008.1/x86_64/clamav-milter-0.93-1.1mdv2008.1.x86_64.rpm fb45839a94f656144a35e7a1d7adeb92 2008.1/x86_64/clamd-0.93-1.1mdv2008.1.x86_64.rpm 010a98abf987f7af1002d8d4232a1829 2008.1/x86_64/clamdmon-0.93-1.1mdv2008.1.x86_64.rpm 35e1466c514926807357786f829fe4f3 2008.1/x86_64/dansguardian-2.9.9.2-4.1mdv2008.1.x86_64.rpm 0dd66bf9cba34d386ebf172de8644b3b 2008.1/x86_64/klamav-0.42-1.1mdv2008.1.x86_64.rpm f324ff84c6d88e6777296a9442d07b0d 2008.1/x86_64/lib64clamav4-0.93-1.1mdv2008.1.x86_64.rpm 089e4aa77ab98bfe8fd1c0e3eb6e3127 2008.1/x86_64/lib64clamav-devel-0.93-1.1mdv2008.1.x86_64.rpm a37b7a66fc50ba007970d77d138b7d3e 2008.1/SRPMS/clamav-0.93-1.1mdv2008.1.src.rpm ba0171405e2d68adb7d8625537fa2453 2008.1/SRPMS/dansguardian-2.9.9.2-4.1mdv2008.1.src.rpm 02d57d169add2ffbb1af006449c98826 2008.1/SRPMS/klamav-0.42-1.1mdv2008.1.src.rpm Corporate 3.0: 802a2269804bc78baf2c88401d24b400 corporate/3.0/i586/clamav-0.93-0.1.C30mdk.i586.rpm 39576ec6547553eba0db0ed0d9c42607 corporate/3.0/i586/clamav-db-0.93-0.1.C30mdk.i586.rpm f7118f0c7fb44ae947b2930727b4997f corporate/3.0/i586/clamav-milter-0.93-0.1.C30mdk.i586.rpm a16b22196f03442625ea857a7a3433ec corporate/3.0/i586/clamd-0.93-0.1.C30mdk.i586.rpm 989404f6f255353442f3c0502aada856 corporate/3.0/i586/clamdmon-0.93-0.1.C30mdk.i586.rpm 124ef95e67b55b9ce9ab1f4811be729e corporate/3.0/i586/libclamav4-0.93-0.1.C30mdk.i586.rpm a5c1051a86e4e32b9ec9c9d572bf5a26 corporate/3.0/i586/libclamav-devel-0.93-0.1.C30mdk.i586.rpm c6bfee93246e9ba87df2bf0e4a7214d9 corporate/3.0/SRPMS/clamav-0.93-0.1.C30mdk.src.rpm Corporate 3.0/X86_64: eba7a24e9512a9fba953ad7c149dfc2d corporate/3.0/x86_64/clamav-0.93-0.1.C30mdk.x86_64.rpm 607c373dee1c384de55e3c5b82b0944a corporate/3.0/x86_64/clamav-db-0.93-0.1.C30mdk.x86_64.rpm d6276646656d6a3d03bb5e74678f378c corporate/3.0/x86_64/clamav-milter-0.93-0.1.C30mdk.x86_64.rpm 1da07994085e84c0950061aa12148a31 corporate/3.0/x86_64/clamd-0.93-0.1.C30mdk.x86_64.rpm 5c078fd76834ce112782b22effd23605 corporate/3.0/x86_64/clamdmon-0.93-0.1.C30mdk.x86_64.rpm 73d8f50b2e3b098d5d9e1b6b8bf901a2 corporate/3.0/x86_64/lib64clamav4-0.93-0.1.C30mdk.x86_64.rpm 9ee5c7d1f10df4538c0977e727f839ce corporate/3.0/x86_64/lib64clamav-devel-0.93-0.1.C30mdk.x86_64.rpm c6bfee93246e9ba87df2bf0e4a7214d9 corporate/3.0/SRPMS/clamav-0.93-0.1.C30mdk.src.rpm Corporate 4.0: 975e9550292dbff977188da05ea6dd64 corporate/4.0/i586/c-icap-client-210205-5.3.20060mlcs4.i586.rpm 35c665f9abf63806e3d151d93f282194 corporate/4.0/i586/c-icap-modules-210205-5.3.20060mlcs4.i586.rpm 45364ecd12c23c512c0c1293d95ba992 corporate/4.0/i586/c-icap-server-210205-5.3.20060mlcs4.i586.rpm 403db09e526eb4f2a74b7e73e9e538bf corporate/4.0/i586/clamav-0.93-0.1.20060mlcs4.i586.rpm 52afc940c587a9cccd24bc441c8e017c corporate/4.0/i586/clamav-db-0.93-0.1.20060mlcs4.i586.rpm f37a5f71e31c1c933eed20146ca84f9d corporate/4.0/i586/clamav-milter-0.93-0.1.20060mlcs4.i586.rpm d0b941d1ac03b72b3042c381dfd0a1c9 corporate/4.0/i586/clamd-0.93-0.1.20060mlcs4.i586.rpm 5192d4351a69efa83a8a9adb808a6b52 corporate/4.0/i586/clamdmon-0.93-0.1.20060mlcs4.i586.rpm 724a9e1b6ae07a18a636a10e5c5b7f0f corporate/4.0/i586/libc-icap0-210205-5.3.20060mlcs4.i586.rpm 5b373def54bd9bf9664f72f8ff8e235c corporate/4.0/i586/libc-icap0-devel-210205-5.3.20060mlcs4.i586.rpm 857bc30e1f4424b67e144788b55de384 corporate/4.0/i586/libclamav4-0.93-0.1.20060mlcs4.i586.rpm 5fa08b3ed8fe37c7674d9eabe2561dff corporate/4.0/i586/libclamav-devel-0.93-0.1.20060mlcs4.i586.rpm 285be2e785be1ceec6b9c35dd0247ddb corporate/4.0/i586/php-clamav-0.12a-8.3.20060mlcs4.i586.rpm d74e50cb3179f83fe58e63aedf9d5716 corporate/4.0/SRPMS/c-icap-210205-5.3.20060mlcs4.src.rpm 79a48f32d7b18da918add4cfe33c4372 corporate/4.0/SRPMS/clamav-0.93-0.1.20060mlcs4.src.rpm 77478e71bb36a4c14412be4b9ae7ada9 corporate/4.0/SRPMS/php-clamav-0.12a-8.3.20060mlcs4.src.rpm Corporate 4.0/X86_64: b162f8f3d8119408b6278898c2b74a66 corporate/4.0/x86_64/c-icap-client-210205-5.3.20060mlcs4.x86_64.rpm f5572368d453aab6b8caae1c3ff9162a corporate/4.0/x86_64/c-icap-modules-210205-5.3.20060mlcs4.x86_64.rpm 02868c974ebd8c8b7457503c105a35e5 corporate/4.0/x86_64/c-icap-server-210205-5.3.20060mlcs4.x86_64.rpm d296a9cba6b78e8efd40df7673f76bad corporate/4.0/x86_64/clamav-0.93-0.1.20060mlcs4.x86_64.rpm d8f8d78a35cfc1c2659bad00da841b9c corporate/4.0/x86_64/clamav-db-0.93-0.1.20060mlcs4.x86_64.rpm fa0e00380be1891d72f0bd8a9d50b4fb corporate/4.0/x86_64/clamav-milter-0.93-0.1.20060mlcs4.x86_64.rpm caf8350354766ec9e9addfa890c59a92 corporate/4.0/x86_64/clamd-0.93-0.1.20060mlcs4.x86_64.rpm 469e48622bc724ee9c91d0db3fbc0be4 corporate/4.0/x86_64/clamdmon-0.93-0.1.20060mlcs4.x86_64.rpm 2efa92677aeadd30341f16031d87daf9 corporate/4.0/x86_64/lib64c-icap0-210205-5.3.20060mlcs4.x86_64.rpm 3fed3f44754620265f3321f363b476a9 corporate/4.0/x86_64/lib64c-icap0-devel-210205-5.3.20060mlcs4.x86_64.rpm 1175e8e9c1270a393973640d9aa9670c corporate/4.0/x86_64/lib64clamav4-0.93-0.1.20060mlcs4.x86_64.rpm a8ed0a65912e7a08a933f50d6b6340a7 corporate/4.0/x86_64/lib64clamav-devel-0.93-0.1.20060mlcs4.x86_64.rpm e8748e72f1ef3a66da6c211a02750c3b corporate/4.0/x86_64/php-clamav-0.12a-8.3.20060mlcs4.x86_64.rpm d74e50cb3179f83fe58e63aedf9d5716 corporate/4.0/SRPMS/c-icap-210205-5.3.20060mlcs4.src.rpm 79a48f32d7b18da918add4cfe33c4372 corporate/4.0/SRPMS/clamav-0.93-0.1.20060mlcs4.src.rpm 77478e71bb36a4c14412be4b9ae7ada9 corporate/4.0/SRPMS/php-clamav-0.12a-8.3.20060mlcs4.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIB76JmqjQ0CJFipgRAn04AJ46WWptK4y//tqHYzrcuinaLeDkzgCgr48q is9c4i+E5CSZFt4GBzLqXbg= =8Y0Q -----END PGP SIGNATURE-----
