7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.427 Medium
EPSS
Percentile
97.4%
Several vulnerabilities have been discovered in Clam AntiVirus, the antivirus scanner for Unix, designed for integration with mail servers to perform attachment scanning. The Common Vulnerabilities and Exposures project identifies the following problems :
CVE-2005-3239 The OLE2 unpacker allows remote attackers to cause a segmentation fault via a DOC file with an invalid property tree, which triggers an infinite recursion.
CVE-2005-3303 A specially crafted executable compressed with FSG 1.33 could cause the extractor to write beyond buffer boundaries, allowing an attacker to execute arbitrary code.
CVE-2005-3500 A specially crafted CAB file could cause ClamAV to be locked in an infinite loop and use all available processor resources, resulting in a denial of service.
CVE-2005-3501 A specially crafted CAB file could cause ClamAV to be locked in an infinite loop and use all available processor resources, resulting in a denial of service.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-887. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(22753);
script_version("1.20");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2005-3239", "CVE-2005-3303", "CVE-2005-3500", "CVE-2005-3501");
script_xref(name:"DSA", value:"887");
script_name(english:"Debian DSA-887-1 : clamav - several vulnerabilities");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Several vulnerabilities have been discovered in Clam AntiVirus, the
antivirus scanner for Unix, designed for integration with mail servers
to perform attachment scanning. The Common Vulnerabilities and
Exposures project identifies the following problems :
- CVE-2005-3239
The OLE2 unpacker allows remote attackers to cause a
segmentation fault via a DOC file with an invalid
property tree, which triggers an infinite recursion.
- CVE-2005-3303
A specially crafted executable compressed with FSG 1.33
could cause the extractor to write beyond buffer
boundaries, allowing an attacker to execute arbitrary
code.
- CVE-2005-3500
A specially crafted CAB file could cause ClamAV to be
locked in an infinite loop and use all available
processor resources, resulting in a denial of service.
- CVE-2005-3501
A specially crafted CAB file could cause ClamAV to be
locked in an infinite loop and use all available
processor resources, resulting in a denial of service."
);
script_set_attribute(
attribute:"see_also",
value:"http://www.debian.org/security/2005/dsa-887"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the clamav packages.
The old stable distribution (woody) does not contain clamav packages.
For the stable distribution (sarge) these problems have been fixed in
version 0.84-2.sarge.6."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_cwe_id(399);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:clamav");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:3.1");
script_set_attribute(attribute:"patch_publication_date", value:"2005/11/07");
script_set_attribute(attribute:"plugin_publication_date", value:"2006/10/14");
script_set_attribute(attribute:"vuln_publication_date", value:"2005/10/12");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2006-2021 Tenable Network Security, Inc.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"3.1", prefix:"clamav", reference:"0.84-2.sarge.6")) flag++;
if (deb_check(release:"3.1", prefix:"clamav-base", reference:"0.84-2.sarge.6")) flag++;
if (deb_check(release:"3.1", prefix:"clamav-daemon", reference:"0.84-2.sarge.6")) flag++;
if (deb_check(release:"3.1", prefix:"clamav-docs", reference:"0.84-2.sarge.6")) flag++;
if (deb_check(release:"3.1", prefix:"clamav-freshclam", reference:"0.84-2.sarge.6")) flag++;
if (deb_check(release:"3.1", prefix:"clamav-milter", reference:"0.84-2.sarge.6")) flag++;
if (deb_check(release:"3.1", prefix:"clamav-testfiles", reference:"0.84-2.sarge.6")) flag++;
if (deb_check(release:"3.1", prefix:"libclamav-dev", reference:"0.84-2.sarge.6")) flag++;
if (deb_check(release:"3.1", prefix:"libclamav1", reference:"0.84-2.sarge.6")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
debian | debian_linux | clamav | p-cpe:/a:debian:debian_linux:clamav |
debian | debian_linux | 3.1 | cpe:/o:debian:debian_linux:3.1 |