Lucene search
AmazonALAS-2020-1335HistoryJan 14, 2020 - 6:11 p.m.
Medium: clamav
2020-01-1418:11:00
alas.aws.amazon.com
16
0.017 Low
EPSS
Percentile
87.8%
Issue Overview:
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition. (CVE-2019-15961)
Affected Packages:
clamav
Issue Correction:
Run yum update clamav to update your system.
New Packages:
i686:
clamav-update-0.101.5-1.42.amzn1.i686
clamav-debuginfo-0.101.5-1.42.amzn1.i686
clamav-db-0.101.5-1.42.amzn1.i686
clamav-lib-0.101.5-1.42.amzn1.i686
clamav-devel-0.101.5-1.42.amzn1.i686
clamav-milter-0.101.5-1.42.amzn1.i686
clamav-0.101.5-1.42.amzn1.i686
clamd-0.101.5-1.42.amzn1.i686
noarch:
clamav-filesystem-0.101.5-1.42.amzn1.noarch
clamav-data-0.101.5-1.42.amzn1.noarch
src:
clamav-0.101.5-1.42.amzn1.src
x86_64:
clamav-milter-0.101.5-1.42.amzn1.x86_64
clamav-devel-0.101.5-1.42.amzn1.x86_64
clamd-0.101.5-1.42.amzn1.x86_64
clamav-0.101.5-1.42.amzn1.x86_64
clamav-update-0.101.5-1.42.amzn1.x86_64
clamav-db-0.101.5-1.42.amzn1.x86_64
clamav-debuginfo-0.101.5-1.42.amzn1.x86_64
clamav-lib-0.101.5-1.42.amzn1.x86_64
Additional References
Red Hat: CVE-2019-15961
Mitre: CVE-2019-15961
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Amazon Linux | 1 | i686 | clamav-update | < 0.101.5-1.42.amzn1 | clamav-update-0.101.5-1.42.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | clamav-debuginfo | < 0.101.5-1.42.amzn1 | clamav-debuginfo-0.101.5-1.42.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | clamav-db | < 0.101.5-1.42.amzn1 | clamav-db-0.101.5-1.42.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | clamav-lib | < 0.101.5-1.42.amzn1 | clamav-lib-0.101.5-1.42.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | clamav-devel | < 0.101.5-1.42.amzn1 | clamav-devel-0.101.5-1.42.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | clamav-milter | < 0.101.5-1.42.amzn1 | clamav-milter-0.101.5-1.42.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | clamav | < 0.101.5-1.42.amzn1 | clamav-0.101.5-1.42.amzn1.i686.rpm |
| Amazon Linux | 1 | i686 | clamd | < 0.101.5-1.42.amzn1 | clamd-0.101.5-1.42.amzn1.i686.rpm |
| Amazon Linux | 1 | noarch | clamav-filesystem | < 0.101.5-1.42.amzn1 | clamav-filesystem-0.101.5-1.42.amzn1.noarch.rpm |
| Amazon Linux | 1 | noarch | clamav-data | < 0.101.5-1.42.amzn1 | clamav-data-0.101.5-1.42.amzn1.noarch.rpm |
Related
suse
suse
Security update for clamav (important)
2019-12-11 00:00:00
Security update for clamav (moderate)
2020-12-18 00:00:00
Security update for clamav (moderate)
2020-12-17 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: clamav-0.101.5-1.fc31
2019-12-04 01:15:40
[SECURITY] Fedora 30 Update: clamav-0.101.5-1.fc30
2019-12-01 01:04:43
openvas
openvas
ClamAV <= 0.101.4, 0.102.0 DoS Vulnerability - Linux
2020-01-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:14236-1)
2021-06-09 00:00:00
Fedora Update for clamav FEDORA-2019-dcbfe89e39
2019-12-04 00:00:00
ubuntu
ubuntu
ClamAV vulnerability
2020-01-23 00:00:00
ClamAV vulnerability
2020-01-08 00:00:00
nessus
nessus
Fedora 30 : clamav (2019-dcbfe89e39)
2019-12-03 00:00:00
SUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2019:3177-1)
2019-12-06 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : ClamAV vulnerability (USN-4230-1)
2020-01-09 00:00:00
debian
debian
[SECURITY] [DLA 2108-1] clamav security update
2020-02-18 12:56:24
mageia
mageia
Updated clamav packages fix security vulnerability
2019-12-06 17:15:42
osv
osv
CVE-2019-15961
2020-01-15 19:15:13
clamav - security update
2020-02-18 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package clamav version 0.101.5-alt1
2019-11-28 00:00:00
Security fix for the ALT Linux 8 package clamav version 0.101.5-alt1
2019-11-26 00:00:00
Security fix for the ALT Linux 10 package clamav version 0.101.5-alt1
2019-11-26 00:00:00
ubuntucve
ubuntucve
CVE-2019-15961
2019-11-25 00:00:00
cve
cve
CVE-2019-15961
2020-01-15 19:15:00
alpinelinux
alpinelinux
CVE-2019-15961
2020-01-15 19:15:00
freebsd
freebsd
clamav -- Denial-of-Service (DoS) vulnerability
2019-09-06 00:00:00
cvelist
cvelist
CVE-2019-15961 Clam AntiVirus (ClamAV) Software Email Parsing Vulnerability
2020-01-15 19:05:16
symantec
symantec
ClamAV CVE-2019-15961 Denial of Service Vulnerability
2019-11-20 00:00:00
prion
prion
Race condition
2020-01-15 19:15:00
debiancve
debiancve
CVE-2019-15961
2020-01-15 19:15:00
cbl_mariner
cbl_mariner
CVE-2019-15961 affecting package clamav 0.101.2-3
2021-05-06 23:56:51
gentoo
gentoo
ClamAV: Multiple vulnerabilities
2020-03-19 00:00:00