Lucene search

K

Fedora 30 : clamav (2019-dcbfe89e39)

ClamAV 0.101.5 security patch addressing DoS, zip scanning improvements, signature load time optimization, and static linking with libjson-c

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
Ubuntu
ClamAV vulnerability
23 Jan 202000:00
ubuntu
Ubuntu
ClamAV vulnerability
8 Jan 202000:00
ubuntu
SUSE Linux
Security update for clamav (important)
11 Dec 201900:00
suse
SUSE Linux
Security update for clamav (moderate)
17 Dec 202000:00
suse
SUSE Linux
Security update for clamav (moderate)
18 Dec 202000:00
suse
Fedora
[SECURITY] Fedora 31 Update: clamav-0.101.5-1.fc31
4 Dec 201901:15
fedora
Fedora
[SECURITY] Fedora 30 Update: clamav-0.101.5-1.fc30
1 Dec 201901:04
fedora
Amazon
Medium: clamav
14 Jan 202018:11
amazon
OpenVAS
Fedora Update for clamav FEDORA-2019-dcbfe89e39
4 Dec 201900:00
openvas
OpenVAS
SUSE: Security Advisory (SUSE-SU-2019:14236-1)
9 Jun 202100:00
openvas
Rows per page
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory FEDORA-2019-dcbfe89e39.
#

include('compat.inc');

if (description)
{
  script_id(131462);
  script_version("1.5");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/04/09");

  script_cve_id("CVE-2019-15961");
  script_xref(name:"FEDORA", value:"2019-dcbfe89e39");

  script_name(english:"Fedora 30 : clamav (2019-dcbfe89e39)");

  script_set_attribute(attribute:"synopsis", value:
"The remote Fedora host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"- Drop [email protected] file (bz#1725810)

ClamAV 0.101.5 is a security patch release that addresses the
following issues.

  - CVE-2019-15961: A Denial-of-Service (DoS) vulnerability
    may occur when scanning a specially crafted email file
    as a result of excessively long scan times. The issue is
    resolved by implementing several maximums in parsing
    MIME messages and by optimizing use of memory
    allocation.

  - Added the zip scanning improvements found in v0.102.0
    where it scans files using zip records from a sorted
    catalogue which provides deduplication of file records
    resulting in faster extraction and scan time and
    reducing the likelihood of alerting on non-malicious
    duplicate file entries as overlapping files.

  - Signature load time is significantly reduced by changing
    to a more efficient algorithm for loading signature
    patterns and allocating the AC trie. Patch courtesy of
    Alberto Wu.

  - Introduced a new configure option to statically link
    libjson-c with libclamav. Static linking with libjson is
    highly recommended to prevent crashes in applications
    that use libclamav alongside another JSON parsing
    library.

  - Null-dereference fix in email parser when using the
    --gen-json metadata option.

----

Add TimeoutStartSec=420 to [email protected] to match upstream

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as
possible without introducing additional issues.");
  script_set_attribute(attribute:"see_also", value:"https://bodhi.fedoraproject.org/updates/FEDORA-2019-dcbfe89e39");
  script_set_attribute(attribute:"solution", value:
"Update the affected clamav package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-15961");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2020/01/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/12/01");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/12/03");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:clamav");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:30");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Fedora Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = pregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! preg(pattern:"^30([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 30", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);


flag = 0;
if (rpm_check(release:"FC30", reference:"clamav-0.101.5-1.fc30")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav");
}

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
03 Dec 2019 00:00Current
6.7Medium risk
Vulners AI Score6.7
CVSS27.1
CVSS37.5
EPSS0.017
23
.json
Report