FreeBSD : clamav -- MS-Expand file handling DoS vulnerability (6d18fe19-ee67-11d9-8310-0001020eed82)
2005-07-13T00:00:00
ID FREEBSD_PKG_6D18FE19EE6711D983100001020EED82.NASL Type nessus Reporter Tenable Modified 2013-06-21T00:00:00
Description
An iDEFENSE Security Advisory reports :
Remote exploitation of an input validation error in Clam AntiVirus ClamAV allows attackers to cause a denial of service condition.
The vulnerability specifically exists due to improper behavior during exceptional conditions.
Successful exploitation allows attackers to exhaust file descriptors pool and memory. Anti-virus detection functionality will fail if there is no file descriptors available with which to open files. Remote exploitation can be achieved by sending a malicious file in an e-mail message or during an HTTP session.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the FreeBSD VuXML database :
#
# Copyright 2003-2013 Jacques Vidrine and contributors
#
# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,
# HTML, PDF, PostScript, RTF and so forth) with or without modification,
# are permitted provided that the following conditions are met:
# 1. Redistributions of source code (VuXML) must retain the above
# copyright notice, this list of conditions and the following
# disclaimer as the first lines of this file unmodified.
# 2. Redistributions in compiled form (transformed to other DTDs,
# published online in any format, converted to PDF, PostScript,
# RTF and other formats) must reproduce the above copyright
# notice, this list of conditions and the following disclaimer
# in the documentation and/or other materials provided with the
# distribution.
#
# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
include("compat.inc");
if (description)
{
script_id(18975);
script_version("$Revision: 1.13 $");
script_cvs_date("$Date: 2013/06/21 23:57:17 $");
script_cve_id("CVE-2005-1922");
script_name(english:"FreeBSD : clamav -- MS-Expand file handling DoS vulnerability (6d18fe19-ee67-11d9-8310-0001020eed82)");
script_summary(english:"Checks for updated packages in pkg_info output");
script_set_attribute(
attribute:"synopsis",
value:
"The remote FreeBSD host is missing one or more security-related
updates."
);
script_set_attribute(
attribute:"description",
value:
"An iDEFENSE Security Advisory reports :
Remote exploitation of an input validation error in Clam AntiVirus
ClamAV allows attackers to cause a denial of service condition.
The vulnerability specifically exists due to improper behavior during
exceptional conditions.
Successful exploitation allows attackers to exhaust file descriptors
pool and memory. Anti-virus detection functionality will fail if there
is no file descriptors available with which to open files. Remote
exploitation can be achieved by sending a malicious file in an e-mail
message or during an HTTP session."
);
# http://marc.theaimsgroup.com/?l=bugtraq&m=112006402411598
script_set_attribute(
attribute:"see_also",
value:"http://marc.info/?l=bugtraq&m=112006402411598"
);
# http://www.freebsd.org/ports/portaudit/6d18fe19-ee67-11d9-8310-0001020eed82.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?e5ec2a0b"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:clamav");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:freebsd:freebsd:clamav-devel");
script_set_attribute(attribute:"cpe", value:"cpe:/o:freebsd:freebsd");
script_set_attribute(attribute:"vuln_publication_date", value:"2005/06/29");
script_set_attribute(attribute:"patch_publication_date", value:"2005/07/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2005/07/13");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.");
script_family(english:"FreeBSD Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info");
exit(0);
}
include("audit.inc");
include("freebsd_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/FreeBSD/release")) audit(AUDIT_OS_NOT, "FreeBSD");
if (!get_kb_item("Host/FreeBSD/pkg_info")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (pkg_test(save_report:TRUE, pkg:"clamav<0.86")) flag++;
if (pkg_test(save_report:TRUE, pkg:"clamav-devel<20050620")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
{"id": "FREEBSD_PKG_6D18FE19EE6711D983100001020EED82.NASL", "bulletinFamily": "scanner", "title": "FreeBSD : clamav -- MS-Expand file handling DoS vulnerability (6d18fe19-ee67-11d9-8310-0001020eed82)", "description": "An iDEFENSE Security Advisory reports :\n\nRemote exploitation of an input validation error in Clam AntiVirus ClamAV allows attackers to cause a denial of service condition.\n\nThe vulnerability specifically exists due to improper behavior during exceptional conditions.\n\nSuccessful exploitation allows attackers to exhaust file descriptors pool and memory. Anti-virus detection functionality will fail if there is no file descriptors available with which to open files. Remote exploitation can be achieved by sending a malicious file in an e-mail message or during an HTTP session.", "published": "2005-07-13T00:00:00", "modified": "2013-06-21T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=18975", "reporter": "Tenable", "references": ["http://www.nessus.org/u?e5ec2a0b", "http://marc.info/?l=bugtraq&m=112006402411598"], "cvelist": ["CVE-2005-1922"], "type": "nessus", "lastseen": "2018-09-01T23:32:54", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:clamav-devel", "p-cpe:/a:freebsd:freebsd:clamav"], "cvelist": ["CVE-2005-1922"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "An iDEFENSE Security Advisory reports :\n\nRemote exploitation of an input validation error in Clam AntiVirus ClamAV allows attackers to cause a denial of service condition.\n\nThe vulnerability specifically exists due to improper behavior during exceptional conditions.\n\nSuccessful exploitation allows attackers to exhaust file descriptors pool and memory. Anti-virus detection functionality will fail if there is no file descriptors available with which to open files. Remote exploitation can be achieved by sending a malicious file in an e-mail message or during an HTTP session.", "edition": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "17bbf979480c467fd604d7d54de9a7908aaf4ba25fa8a7fc5ed4f0162b3114c1", "hashmap": [{"hash": "fe45aa727b58c1249bf04cfb7b4e6ae0", "key": "naslFamily"}, {"hash": "8f69ba37d16b9a00d5ecd0b7fc7207e6", "key": "sourceData"}, {"hash": "6567a1d2b6d955f0fad62365642d7a0e", "key": "references"}, {"hash": "0e578c8566145a81b9abc4778240a67b", "key": "cvelist"}, {"hash": "b9210bc9ae477544a80377c610f18f65", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9024ab754ee339f101e22cbcc0c75129", "key": "published"}, {"hash": "ee4c252211fda374a95273633d3eaa2a", "key": "cpe"}, {"hash": "11a63014a4f4d7aa4ca7f31a134a9d36", "key": "description"}, {"hash": "5d2a17889800e16c68601989cfaa5848", "key": "pluginID"}, {"hash": "ba99d3845f3359fdb5801a09dd393fc0", "key": "modified"}, {"hash": "9363028a4ea93477f9247b1e0d6b510c", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18975", "id": "FREEBSD_PKG_6D18FE19EE6711D983100001020EED82.NASL", "lastseen": "2017-10-29T13:33:01", "modified": "2013-06-21T00:00:00", "naslFamily": "FreeBSD Local Security Checks", "objectVersion": "1.3", "pluginID": "18975", "published": "2005-07-13T00:00:00", "references": ["http://www.nessus.org/u?e5ec2a0b", "http://marc.info/?l=bugtraq&m=112006402411598"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18975);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2013/06/21 23:57:17 $\");\n\n script_cve_id(\"CVE-2005-1922\");\n\n script_name(english:\"FreeBSD : clamav -- MS-Expand file handling DoS vulnerability (6d18fe19-ee67-11d9-8310-0001020eed82)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An iDEFENSE Security Advisory reports :\n\nRemote exploitation of an input validation error in Clam AntiVirus\nClamAV allows attackers to cause a denial of service condition.\n\nThe vulnerability specifically exists due to improper behavior during\nexceptional conditions.\n\nSuccessful exploitation allows attackers to exhaust file descriptors\npool and memory. Anti-virus detection functionality will fail if there\nis no file descriptors available with which to open files. Remote\nexploitation can be achieved by sending a malicious file in an e-mail\nmessage or during an HTTP session.\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=112006402411598\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://marc.info/?l=bugtraq&m=112006402411598\"\n );\n # http://www.freebsd.org/ports/portaudit/6d18fe19-ee67-11d9-8310-0001020eed82.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e5ec2a0b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:clamav-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"clamav<0.86\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"clamav-devel<20050620\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "FreeBSD : clamav -- MS-Expand file handling DoS vulnerability (6d18fe19-ee67-11d9-8310-0001020eed82)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-10-29T13:33:01"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:clamav-devel", "p-cpe:/a:freebsd:freebsd:clamav"], "cvelist": ["CVE-2005-1922"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "An iDEFENSE Security Advisory reports :\n\nRemote exploitation of an input validation error in Clam AntiVirus ClamAV allows attackers to cause a denial of service condition.\n\nThe vulnerability specifically exists due to improper behavior during exceptional conditions.\n\nSuccessful exploitation allows attackers to exhaust file descriptors pool and memory. Anti-virus detection functionality will fail if there is no file descriptors available with which to open files. Remote exploitation can be achieved by sending a malicious file in an e-mail message or during an HTTP session.", "edition": 3, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "hash": "e470e376dd4cb25fa13434d55606008da4b7050441b9246bf9576255cda14397", "hashmap": [{"hash": "fe45aa727b58c1249bf04cfb7b4e6ae0", "key": "naslFamily"}, {"hash": "8f69ba37d16b9a00d5ecd0b7fc7207e6", "key": "sourceData"}, {"hash": "6567a1d2b6d955f0fad62365642d7a0e", "key": "references"}, {"hash": "0e578c8566145a81b9abc4778240a67b", "key": "cvelist"}, {"hash": "b9210bc9ae477544a80377c610f18f65", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9024ab754ee339f101e22cbcc0c75129", "key": "published"}, {"hash": "ee4c252211fda374a95273633d3eaa2a", "key": "cpe"}, {"hash": "11a63014a4f4d7aa4ca7f31a134a9d36", "key": "description"}, {"hash": "5d2a17889800e16c68601989cfaa5848", "key": "pluginID"}, {"hash": "ba99d3845f3359fdb5801a09dd393fc0", "key": "modified"}, {"hash": "9363028a4ea93477f9247b1e0d6b510c", "key": "title"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18975", "id": "FREEBSD_PKG_6D18FE19EE6711D983100001020EED82.NASL", "lastseen": "2018-08-30T19:29:51", "modified": "2013-06-21T00:00:00", "naslFamily": "FreeBSD Local Security Checks", "objectVersion": "1.3", "pluginID": "18975", "published": "2005-07-13T00:00:00", "references": ["http://www.nessus.org/u?e5ec2a0b", "http://marc.info/?l=bugtraq&m=112006402411598"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18975);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2013/06/21 23:57:17 $\");\n\n script_cve_id(\"CVE-2005-1922\");\n\n script_name(english:\"FreeBSD : clamav -- MS-Expand file handling DoS vulnerability (6d18fe19-ee67-11d9-8310-0001020eed82)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An iDEFENSE Security Advisory reports :\n\nRemote exploitation of an input validation error in Clam AntiVirus\nClamAV allows attackers to cause a denial of service condition.\n\nThe vulnerability specifically exists due to improper behavior during\nexceptional conditions.\n\nSuccessful exploitation allows attackers to exhaust file descriptors\npool and memory. Anti-virus detection functionality will fail if there\nis no file descriptors available with which to open files. Remote\nexploitation can be achieved by sending a malicious file in an e-mail\nmessage or during an HTTP session.\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=112006402411598\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://marc.info/?l=bugtraq&m=112006402411598\"\n );\n # http://www.freebsd.org/ports/portaudit/6d18fe19-ee67-11d9-8310-0001020eed82.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e5ec2a0b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:clamav-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"clamav<0.86\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"clamav-devel<20050620\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "FreeBSD : clamav -- MS-Expand file handling DoS vulnerability (6d18fe19-ee67-11d9-8310-0001020eed82)", "type": "nessus", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:29:51"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2005-1922"], "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "description": "An iDEFENSE Security Advisory reports :\n\nRemote exploitation of an input validation error in Clam AntiVirus ClamAV allows attackers to cause a denial of service condition.\n\nThe vulnerability specifically exists due to improper behavior during exceptional conditions.\n\nSuccessful exploitation allows attackers to exhaust file descriptors pool and memory. Anti-virus detection functionality will fail if there is no file descriptors available with which to open files. Remote exploitation can be achieved by sending a malicious file in an e-mail message or during an HTTP session.", "edition": 1, "enchantments": {}, "hash": "2482ed1102748157155e9d77bba70ee09f10b40704945bae85089b3a189b8709", "hashmap": [{"hash": "fe45aa727b58c1249bf04cfb7b4e6ae0", "key": "naslFamily"}, {"hash": "8f69ba37d16b9a00d5ecd0b7fc7207e6", "key": "sourceData"}, {"hash": "6567a1d2b6d955f0fad62365642d7a0e", "key": "references"}, {"hash": "0e578c8566145a81b9abc4778240a67b", "key": "cvelist"}, {"hash": "b9210bc9ae477544a80377c610f18f65", "key": "href"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "9024ab754ee339f101e22cbcc0c75129", "key": "published"}, {"hash": "11a63014a4f4d7aa4ca7f31a134a9d36", "key": "description"}, {"hash": "5d2a17889800e16c68601989cfaa5848", "key": "pluginID"}, {"hash": "ba99d3845f3359fdb5801a09dd393fc0", "key": "modified"}, {"hash": "9363028a4ea93477f9247b1e0d6b510c", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "84813b1457b92d6ba1174abffbb83a2f", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=18975", "id": "FREEBSD_PKG_6D18FE19EE6711D983100001020EED82.NASL", "lastseen": "2016-09-26T17:23:04", "modified": "2013-06-21T00:00:00", "naslFamily": "FreeBSD Local Security Checks", "objectVersion": "1.2", "pluginID": "18975", "published": "2005-07-13T00:00:00", "references": ["http://www.nessus.org/u?e5ec2a0b", "http://marc.info/?l=bugtraq&m=112006402411598"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18975);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2013/06/21 23:57:17 $\");\n\n script_cve_id(\"CVE-2005-1922\");\n\n script_name(english:\"FreeBSD : clamav -- MS-Expand file handling DoS vulnerability (6d18fe19-ee67-11d9-8310-0001020eed82)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An iDEFENSE Security Advisory reports :\n\nRemote exploitation of an input validation error in Clam AntiVirus\nClamAV allows attackers to cause a denial of service condition.\n\nThe vulnerability specifically exists due to improper behavior during\nexceptional conditions.\n\nSuccessful exploitation allows attackers to exhaust file descriptors\npool and memory. Anti-virus detection functionality will fail if there\nis no file descriptors available with which to open files. Remote\nexploitation can be achieved by sending a malicious file in an e-mail\nmessage or during an HTTP session.\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=112006402411598\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://marc.info/?l=bugtraq&m=112006402411598\"\n );\n # http://www.freebsd.org/ports/portaudit/6d18fe19-ee67-11d9-8310-0001020eed82.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e5ec2a0b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:clamav-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"clamav<0.86\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"clamav-devel<20050620\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "title": "FreeBSD : clamav -- MS-Expand file handling DoS vulnerability (6d18fe19-ee67-11d9-8310-0001020eed82)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:23:04"}], "edition": 4, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "ee4c252211fda374a95273633d3eaa2a"}, {"key": "cvelist", "hash": "0e578c8566145a81b9abc4778240a67b"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "11a63014a4f4d7aa4ca7f31a134a9d36"}, {"key": "href", "hash": "b9210bc9ae477544a80377c610f18f65"}, {"key": "modified", "hash": "ba99d3845f3359fdb5801a09dd393fc0"}, {"key": "naslFamily", "hash": "fe45aa727b58c1249bf04cfb7b4e6ae0"}, {"key": "pluginID", "hash": "5d2a17889800e16c68601989cfaa5848"}, {"key": "published", "hash": "9024ab754ee339f101e22cbcc0c75129"}, {"key": "references", "hash": "6567a1d2b6d955f0fad62365642d7a0e"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "8f69ba37d16b9a00d5ecd0b7fc7207e6"}, {"key": "title", "hash": "9363028a4ea93477f9247b1e0d6b510c"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "17bbf979480c467fd604d7d54de9a7908aaf4ba25fa8a7fc5ed4f0162b3114c1", "viewCount": 0, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "vulnersScore": 5.0}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18975);\n script_version(\"$Revision: 1.13 $\");\n script_cvs_date(\"$Date: 2013/06/21 23:57:17 $\");\n\n script_cve_id(\"CVE-2005-1922\");\n\n script_name(english:\"FreeBSD : clamav -- MS-Expand file handling DoS vulnerability (6d18fe19-ee67-11d9-8310-0001020eed82)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An iDEFENSE Security Advisory reports :\n\nRemote exploitation of an input validation error in Clam AntiVirus\nClamAV allows attackers to cause a denial of service condition.\n\nThe vulnerability specifically exists due to improper behavior during\nexceptional conditions.\n\nSuccessful exploitation allows attackers to exhaust file descriptors\npool and memory. Anti-virus detection functionality will fail if there\nis no file descriptors available with which to open files. Remote\nexploitation can be achieved by sending a malicious file in an e-mail\nmessage or during an HTTP session.\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=112006402411598\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://marc.info/?l=bugtraq&m=112006402411598\"\n );\n # http://www.freebsd.org/ports/portaudit/6d18fe19-ee67-11d9-8310-0001020eed82.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e5ec2a0b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:clamav-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/06/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"clamav<0.86\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"clamav-devel<20050620\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "pluginID": "18975", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:clamav-devel", "p-cpe:/a:freebsd:freebsd:clamav"]}
{"cve": [{"lastseen": "2016-09-03T05:31:46", "references": ["http://sourceforge.net/project/shownotes.php?release_id=336462", "http://www.debian.org/security/2005/dsa-737", "http://www.idefense.com/application/poi/display?id=276&type=vulnerabilities&flashstatus=true"], "description": "The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.", "edition": 1, "reporter": "NVD", "published": "2005-07-05T00:00:00", "title": "CVE-2005-1922", "type": "cve", "enchantments": {"score": {"modified": "2016-09-03T05:31:46", "vector": "NONE", "value": 4.3}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2005-1922"], "scanner": [], "cpe": ["cpe:/a:clam_anti-virus:clamav:0.85", "cpe:/a:clam_anti-virus:clamav:0.84_rc1", "cpe:/a:clam_anti-virus:clamav:0.81", "cpe:/a:clam_anti-virus:clamav:0.83", "cpe:/a:clam_anti-virus:clamav:0.82", "cpe:/a:clam_anti-virus:clamav:0.85.1", "cpe:/a:clam_anti-virus:clamav:0.84_rc2"], "modified": "2008-09-05T16:50:26", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-1922", "id": "CVE-2005-1922", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:13", "references": [], "description": "Clam AntiVirus ClamAV MS-Expand File Handling DoS Vulnerability \r\n\r\niDEFENSE Security Advisory 06.29.05\r\nwww.idefense.com/application/poi/display?id=276&type=vulnerabilities\r\nJune 29, 2005\r\n\r\nI. BACKGROUND\r\n\r\nClam AntiVirus is a GPL anti-virus toolkit for Unix.\r\n\r\nII. DESCRIPTION\r\n\r\nRemote exploitation of an input validation error in Clam AntiVirus \r\nClamAV allows attackers to cause a denial of service condition. \r\n\r\nThe vulnerability specifically exists due to improper behavior during \r\nexceptional conditions. The following piece of code from \r\nlibclamav/scanners.c shows where the vulnerability exists: \r\n\r\n\r\n static int cli_scanszdd(...)\r\n {\r\n [...]\r\n FILE *tmp = NULL, *in;\r\n\r\n cli_dbgmsg("in cli_scanmscomp()\n");\r\n\r\n if((in = fdopen(dup(desc), "rb")) == NULL) {\r\n cli_dbgmsg("SZDD: Can't open descriptor %d\n", desc);\r\n return CL_EMSCOMP;\r\n }\r\n\r\n if((tmp = tmpfile()) == NULL) {\r\n cli_dbgmsg("SZDD: Can't generate temporary file.\n");\r\n fclose(in);\r\n return CL_ETMPFILE;\r\n }\r\n\r\n if(cli_msexpand(in, tmp) == -1) {\r\n cli_dbgmsg("SZDD: msexpand failed.\n");\r\n return CL_EMSCOMP;\r\n }\r\n\r\n [...]\r\n }\r\n\r\n\r\nEach time the cli_msexpand() function fails , two file descriptors ('in'\r\n\r\nand 'tmp') are leaked. As they are both opened using fopen(), there is \r\nalso a memory leak (2 * 364 bytes). This allows an attacker to exhaust \r\nall of the available file descriptors fairly quickly with around 1,000 \r\nmalformed files.\r\n\r\nIII. ANALYSIS\r\n\r\nSuccessful exploitation allows attackers to exhaust file descriptors \r\npool and memory. Anti-virus detection functionality will fail if there \r\nis no file descriptors available with which to open files. Remote \r\nexploitation can be achieved by sending a malicious file in an e-mail \r\nmessage or during an HTTP session.\r\n\r\nIV. DETECTION\r\n\r\niDEFENSE has confirmed the existence of this vulnerability in ClamAV \r\n0.83. It is suspected that all versions of ClamAV prior to 0.86 are\r\nvulnerable. \r\n\r\nThe following vendors distribute susceptible ClamAV packages within \r\ntheir respective operating system distributions:\r\n\r\n FreeBSD Project: FreeBSD 5.4 and prior\r\n Gentoo Foundation Inc.: Gentoo Linux 1.1a, 1.2, 1.4, 2004.0,\r\n2004.1\r\n and 2004.2\r\n Mandrakesoft SA: Mandrakelinux 10.1 and Corporate Server 3.0\r\n Novell Inc.: SuSE Linux 9.1, 9.2 \r\n\r\nV. WORKAROUND\r\n\r\nAs a temporary workaround solution, scanning of archive files can be \r\ndisabled by supplying the --no-archive flag; however, this will \r\nsignificantly impact the effectiveness of the AV engine.\r\n\r\nVI. VENDOR RESPONSE\r\n\r\nThis vulnerability has been patched in clamav 0.86 which is available\r\nfor download at:\r\n\r\n http://www.clamav.net/stable.php#pagestart\r\n\r\nVII. CVE INFORMATION\r\n\r\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\r\nname CAN-2005-1922 to this issue. This is a candidate for inclusion in\r\nthe CVE list (http://cve.mitre.org), which standardizes names for\r\nsecurity problems.\r\n\r\nVIII. DISCLOSURE TIMELINE\r\n\r\n06/07/2005 Initial vendor notification\r\n06/08/2005 Initial vendor response\r\n06/29/2005 Public disclosure\r\n\r\nIX. CREDIT\r\n\r\nThe discoverer of this vulnerability wishes to remain anonymous.\r\n\r\nGet paid for vulnerability research\r\nhttp://www.idefense.com/poi/teams/vcp.jsp\r\n\r\nFree tools, research and upcoming events\r\nhttp://labs.idefense.com\r\n\r\nX. LEGAL NOTICES\r\n\r\nCopyright (c) 2005 iDEFENSE, Inc.\r\n\r\nPermission is granted for the redistribution of this alert\r\nelectronically. It may not be edited in any way without the express\r\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\r\npart of this alert in any other medium other than electronically, please\r\nemail customerservice@idefense.com for permission.\r\n\r\nDisclaimer: The information in the advisory is believed to be accurate\r\nat the time of publishing based on currently available information. Use\r\nof the information constitutes acceptance for use in an AS IS condition.\r\nThere are no warranties with regard to this information. Neither the\r\nauthor nor the publisher accepts any liability for any direct, indirect,\r\nor consequential loss or damage arising from use of, or reliance on,\r\nthis information.", "edition": 1, "reporter": "Securityvulns", "published": "2005-06-30T00:00:00", "title": "iDEFENSE Security Advisory 06.29.05: Clam AntiVirus ClamAV MS-Expand File Handling DoS Vulnerability", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:10:13", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2005-1922"], "modified": "2005-06-30T00:00:00", "id": "SECURITYVULNS:DOC:9002", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:9002", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2018-08-31T01:15:56", "references": ["http://marc.theaimsgroup.com/?l=bugtraq&m=112006402411598"], "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "20050620", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "clamav-devel", "operator": "lt"}, {"OS": "FreeBSD", "OSVersion": "any", "packageVersion": "0.86", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "clamav", "operator": "lt"}], "description": "\nAn iDEFENSE Security Advisory reports:\n\nRemote exploitation of an input validation error in Clam\n\t AntiVirus ClamAV allows attackers to cause a denial of\n\t service condition.\nThe vulnerability specifically exists due to improper\n\t behavior during exceptional conditions.\nSuccessful exploitation allows attackers to exhaust file\n\t descriptors pool and memory. Anti-virus detection\n\t functionality will fail if there is no file descriptors\n\t available with which to open files. Remote exploitation\n\t can be achieved by sending a malicious file in an e-mail\n\t message or during an HTTP session.\n\n", "edition": 3, "reporter": "FreeBSD", "published": "2005-06-29T00:00:00", "title": "clamav -- MS-Expand file handling DoS vulnerability", "type": "freebsd", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2005-1922"], "modified": "2005-06-29T00:00:00", "id": "6D18FE19-EE67-11D9-8310-0001020EED82", "href": "https://vuxml.freebsd.org/freebsd/6d18fe19-ee67-11d9-8310-0001020eed82.html", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-07-02T21:10:15", "references": [], "pluginID": "54183", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-04T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "title": "FreeBSD Ports: clamav", "type": "openvas", "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1922"], "modified": "2016-09-15T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=54183", "id": "OPENVAS:54183", "sourceData": "#\n#VID 6d18fe19-ee67-11d9-8310-0001020eed82\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n clamav\n clamav-devel\n\nCVE-2005-1922\nThe MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86\nallows remote attackers to cause a denial of service (file descriptor\nand memory consumption) via a crafted file that causes repeated errors\nin the cli_msexpand function.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://marc.theaimsgroup.com/?l=bugtraq&m=112006402411598\nhttp://www.vuxml.org/freebsd/6d18fe19-ee67-11d9-8310-0001020eed82.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(54183);\n script_version(\"$Revision: 4075 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-15 15:13:05 +0200 (Thu, 15 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(14090);\n script_cve_id(\"CVE-2005-1922\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"FreeBSD Ports: clamav\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"clamav\");\nif(!isnull(bver) && revcomp(a:bver, b:\"0.86\")<0) {\n txt += 'Package clamav version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"clamav-devel\");\nif(!isnull(bver) && revcomp(a:bver, b:\"20050620\")<0) {\n txt += 'Package clamav-devel version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:17", "references": [], "pluginID": "54185", "description": "The remote host is missing an update to clamav\nannounced via advisory DSA 737-1.\n\nA number of potential remote DOS vulnerabilities have been identified in\nClamAV. In addition to the four issues identified by CVE ID above, there\nare fixes for issues in libclamav/cvd.c and libclamav/message.c.\nTogether, these issues could allow a carefully crafted message to crash\na ClamAV scanner or exhaust various resources on the machine running the\nscanner.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-01-17T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Debian Security Advisory DSA 737-1 (clamav)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1922", "CVE-2005-2070", "CVE-2005-1923", "CVE-2005-2056"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=54185", "id": "OPENVAS:54185", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_737_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 737-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"For the stable distribution (sarge), these problems have been fixed in\nversion 0.84-2.sarge.1.\n\nWe recommend that you upgrade your clamav package.\n\n https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20737-1\";\ntag_summary = \"The remote host is missing an update to clamav\nannounced via advisory DSA 737-1.\n\nA number of potential remote DOS vulnerabilities have been identified in\nClamAV. In addition to the four issues identified by CVE ID above, there\nare fixes for issues in libclamav/cvd.c and libclamav/message.c.\nTogether, these issues could allow a carefully crafted message to crash\na ClamAV scanner or exhaust various resources on the machine running the\nscanner.\";\n\n\nif(description)\n{\n script_id(54185);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:00:53 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2005-1922\", \"CVE-2005-1923\", \"CVE-2005-2056\", \"CVE-2005-2070\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 737-1 (clamav)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"clamav-base\", ver:\"0.84-2.sarge.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav-testfiles\", ver:\"0.84-2.sarge.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav-docs\", ver:\"0.84-2.sarge.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav-freshclam\", ver:\"0.84-2.sarge.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav\", ver:\"0.84-2.sarge.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libclamav1\", ver:\"0.84-2.sarge.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libclamav-dev\", ver:\"0.84-2.sarge.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav-milter\", ver:\"0.84-2.sarge.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav-daemon\", ver:\"0.84-2.sarge.1\", rls:\"DEB3.1\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:14", "references": [], "edition": 1, "description": "## Vulnerability Description\nClamAV contains a flaw that may allow a remote denial of service. The issue is triggered by a file descriptor leak in cli_msexpand() function, located in libclamav/scanners.c, which consumes all available file descriptors and/or memory on the target system. A remote attacker sends approximately 1,000 specially crafted archive files, either by email attachment or directly to a current HTTP session, resulting in a loss of availability of the anti-virus system.\n## Solution Description\nUpgrade to version 0.86 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nClamAV contains a flaw that may allow a remote denial of service. The issue is triggered by a file descriptor leak in cli_msexpand() function, located in libclamav/scanners.c, which consumes all available file descriptors and/or memory on the target system. A remote attacker sends approximately 1,000 specially crafted archive files, either by email attachment or directly to a current HTTP session, resulting in a loss of availability of the anti-virus system.\n## References:\nVendor URL: http://clamav.sourceforge.net/\nSecurity Tracker: 1014332\n[Secunia Advisory ID:15919](https://secuniaresearch.flexerasoftware.com/advisories/15919/)\n[Secunia Advisory ID:15859](https://secuniaresearch.flexerasoftware.com/advisories/15859/)\n[Secunia Advisory ID:15938](https://secuniaresearch.flexerasoftware.com/advisories/15938/)\n[Secunia Advisory ID:16413](https://secuniaresearch.flexerasoftware.com/advisories/16413/)\n[Related OSVDB ID: 17645](https://vulners.com/osvdb/OSVDB:17645)\nOther Advisory URL: http://www.securiteam.com/securitynews/5PP0W00G0K.html\nOther Advisory URL: http://www.debian.org/security/2005/dsa-737\nOther Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000973\nOther Advisory URL: http://www.debian.org/security/2005/dsa-773\nOther Advisory URL: http://www.idefense.com/application/poi/display?id=276&type=vulnerabilities\nMail List Post: http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0083.html\nISS X-Force ID: 21206\n[CVE-2005-1922](https://vulners.com/cve/CVE-2005-1922)\nBugtraq ID: 14090\n", "reporter": "OSVDB", "published": "2005-06-29T12:16:13", "title": "Clam AntiVirus MS-Expand File Handling DoS", "type": "osvdb", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "ClamAV", "version": "0.83", "operator": "eq"}], "cvelist": ["CVE-2005-1922"], "modified": "2005-06-29T12:16:13", "href": "https://vulners.com/osvdb/OSVDB:17646", "id": "OSVDB:17646", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2016-09-02T18:19:10", "references": [], "affectedPackage": [{"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "sparc", "packageFilename": "clamav-milter_0.84-2.sarge.1_sparc.deb", "packageName": "clamav-milter", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1.diff", "arch": "src", "packageFilename": "clamav_0.84-2.sarge.1.diff.gz", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "i686", "packageFilename": "clamav-daemon_0.84-2.sarge.1_i386.deb", "packageName": "clamav-daemon", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "ia64", "packageFilename": "clamav-daemon_0.84-2.sarge.1_ia64.deb", "packageName": "clamav-daemon", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "i686", "packageFilename": "clamav_0.84-2.sarge.1_i386.deb", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "hppa", "packageFilename": "clamav-milter_0.84-2.sarge.1_hppa.deb", "packageName": "clamav-milter", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "m68k", "packageFilename": "clamav_0.84-2.sarge.1_m68k.deb", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "m68k", "packageFilename": "clamav-freshclam_0.84-2.sarge.1_m68k.deb", "packageName": "clamav-freshclam", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "ppc", "packageFilename": "libclamav1_0.84-2.sarge.1_powerpc.deb", "packageName": "libclamav1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "arm", "packageFilename": "clamav-daemon_0.84-2.sarge.1_arm.deb", "packageName": "clamav-daemon", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "mipsel", "packageFilename": "clamav-freshclam_0.84-2.sarge.1_mipsel.deb", "packageName": "clamav-freshclam", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "hppa", "packageFilename": "clamav-daemon_0.84-2.sarge.1_hppa.deb", "packageName": "clamav-daemon", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "m68k", "packageFilename": "libclamav-dev_0.84-2.sarge.1_m68k.deb", "packageName": "libclamav-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "ppc", "packageFilename": "clamav_0.84-2.sarge.1_powerpc.deb", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "ppc", "packageFilename": "clamav-milter_0.84-2.sarge.1_powerpc.deb", "packageName": "clamav-milter", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "mips", "packageFilename": "libclamav1_0.84-2.sarge.1_mips.deb", "packageName": "libclamav1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "s390x", "packageFilename": "libclamav1_0.84-2.sarge.1_s390.deb", "packageName": "libclamav1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "hppa", "packageFilename": "clamav_0.84-2.sarge.1_hppa.deb", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "m68k", "packageFilename": "libclamav1_0.84-2.sarge.1_m68k.deb", "packageName": "libclamav1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "mipsel", "packageFilename": "clamav-milter_0.84-2.sarge.1_mipsel.deb", "packageName": "clamav-milter", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "s390x", "packageFilename": "clamav_0.84-2.sarge.1_s390.deb", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "m68k", "packageFilename": "clamav-daemon_0.84-2.sarge.1_m68k.deb", "packageName": "clamav-daemon", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "mips", "packageFilename": "clamav-freshclam_0.84-2.sarge.1_mips.deb", "packageName": "clamav-freshclam", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "mips", "packageFilename": "clamav-milter_0.84-2.sarge.1_mips.deb", "packageName": "clamav-milter", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "arm", "packageFilename": "clamav-milter_0.84-2.sarge.1_arm.deb", "packageName": "clamav-milter", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "ppc", "packageFilename": "clamav-freshclam_0.84-2.sarge.1_powerpc.deb", "packageName": "clamav-freshclam", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "sparc", "packageFilename": "libclamav1_0.84-2.sarge.1_sparc.deb", "packageName": "libclamav1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "ia64", "packageFilename": "clamav_0.84-2.sarge.1_ia64.deb", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "arm", "packageFilename": "libclamav-dev_0.84-2.sarge.1_arm.deb", "packageName": "libclamav-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "i686", "packageFilename": "libclamav-dev_0.84-2.sarge.1_i386.deb", "packageName": "libclamav-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "all", "packageFilename": "clamav-base_0.84-2.sarge.1_all.deb", "packageName": "clamav-base", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "ppc", "packageFilename": "libclamav-dev_0.84-2.sarge.1_powerpc.deb", "packageName": "libclamav-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "i686", "packageFilename": "clamav-milter_0.84-2.sarge.1_i386.deb", "packageName": "clamav-milter", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "ia64", "packageFilename": "clamav-milter_0.84-2.sarge.1_ia64.deb", "packageName": "clamav-milter", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "all", "packageFilename": "clamav-testfiles_0.84-2.sarge.1_all.deb", "packageName": "clamav-testfiles", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "m68k", "packageFilename": "clamav-milter_0.84-2.sarge.1_m68k.deb", "packageName": "clamav-milter", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "mips", "packageFilename": "clamav-daemon_0.84-2.sarge.1_mips.deb", "packageName": "clamav-daemon", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "sparc", "packageFilename": "clamav-daemon_0.84-2.sarge.1_sparc.deb", "packageName": "clamav-daemon", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "mipsel", "packageFilename": "libclamav1_0.84-2.sarge.1_mipsel.deb", "packageName": "libclamav1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "arm", "packageFilename": "clamav_0.84-2.sarge.1_arm.deb", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "alpha", "packageFilename": "clamav-freshclam_0.84-2.sarge.1_alpha.deb", "packageName": "clamav-freshclam", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "arm", "packageFilename": "libclamav1_0.84-2.sarge.1_arm.deb", "packageName": "libclamav1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "ia64", "packageFilename": "libclamav1_0.84-2.sarge.1_ia64.deb", "packageName": "libclamav1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "s390x", "packageFilename": "clamav-daemon_0.84-2.sarge.1_s390.deb", "packageName": "clamav-daemon", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "mips", "packageFilename": "libclamav-dev_0.84-2.sarge.1_mips.deb", "packageName": "libclamav-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "mipsel", "packageFilename": "libclamav-dev_0.84-2.sarge.1_mipsel.deb", "packageName": "libclamav-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "i686", "packageFilename": "libclamav1_0.84-2.sarge.1_i386.deb", "packageName": "libclamav1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "mipsel", "packageFilename": "clamav-daemon_0.84-2.sarge.1_mipsel.deb", "packageName": "clamav-daemon", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "alpha", "packageFilename": "clamav_0.84-2.sarge.1_alpha.deb", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "hppa", "packageFilename": "libclamav-dev_0.84-2.sarge.1_hppa.deb", "packageName": "libclamav-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "sparc", "packageFilename": "clamav-freshclam_0.84-2.sarge.1_sparc.deb", "packageName": "clamav-freshclam", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "alpha", "packageFilename": "clamav-milter_0.84-2.sarge.1_alpha.deb", "packageName": "clamav-milter", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "arm", "packageFilename": "clamav-freshclam_0.84-2.sarge.1_arm.deb", "packageName": "clamav-freshclam", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "sparc", "packageFilename": "libclamav-dev_0.84-2.sarge.1_sparc.deb", "packageName": "libclamav-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84.orig", "arch": "src", "packageFilename": "clamav_0.84.orig.tar.gz", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "hppa", "packageFilename": "libclamav1_0.84-2.sarge.1_hppa.deb", "packageName": "libclamav1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "s390x", "packageFilename": "libclamav-dev_0.84-2.sarge.1_s390.deb", "packageName": "libclamav-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "mipsel", "packageFilename": "clamav_0.84-2.sarge.1_mipsel.deb", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "sparc", "packageFilename": "clamav_0.84-2.sarge.1_sparc.deb", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "alpha", "packageFilename": "libclamav1_0.84-2.sarge.1_alpha.deb", "packageName": "libclamav1", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "ia64", "packageFilename": "clamav-freshclam_0.84-2.sarge.1_ia64.deb", "packageName": "clamav-freshclam", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "hppa", "packageFilename": "clamav-freshclam_0.84-2.sarge.1_hppa.deb", "packageName": "clamav-freshclam", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "alpha", "packageFilename": "clamav-daemon_0.84-2.sarge.1_alpha.deb", "packageName": "clamav-daemon", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "mips", "packageFilename": "clamav_0.84-2.sarge.1_mips.deb", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "src", "packageFilename": "clamav_0.84-2.sarge.1.dsc", "packageName": "clamav", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "s390x", "packageFilename": "clamav-freshclam_0.84-2.sarge.1_s390.deb", "packageName": "clamav-freshclam", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "all", "packageFilename": "clamav-docs_0.84-2.sarge.1_all.deb", "packageName": "clamav-docs", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "i686", "packageFilename": "clamav-freshclam_0.84-2.sarge.1_i386.deb", "packageName": "clamav-freshclam", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "ppc", "packageFilename": "clamav-daemon_0.84-2.sarge.1_powerpc.deb", "packageName": "clamav-daemon", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "s390x", "packageFilename": "clamav-milter_0.84-2.sarge.1_s390.deb", "packageName": "clamav-milter", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "alpha", "packageFilename": "libclamav-dev_0.84-2.sarge.1_alpha.deb", "packageName": "libclamav-dev", "operator": "lt"}, {"OS": "Debian GNU/Linux", "OSVersion": "3.1", "packageVersion": "0.84-2.sarge.1", "arch": "ia64", "packageFilename": "libclamav-dev_0.84-2.sarge.1_ia64.deb", "packageName": "libclamav-dev", "operator": "lt"}], "description": "A number of potential remote denial of service vulnerabilities have been identified in ClamAV. In addition to the four issues identified by CVE ID above, there are fixes for issues in libclamav/cvd.c and libclamav/message.c. Together, these issues could allow a carefully crafted message to crash a ClamAV scanner or exhaust various resources on the machine running the scanner.\n\nFor the stable distribution (sarge), these problems have been fixed in version 0.84-2.sarge.1. \n\nWe recommend that you upgrade your clamav package.", "edition": 1, "reporter": "Debian", "published": "2005-07-05T00:00:00", "title": "clamav -- remote denial of service", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "type": "debian", "bulletinFamily": "unix", "cvelist": ["CVE-2005-1922", "CVE-2005-2070", "CVE-2005-1923", "CVE-2005-2056"], "modified": "2005-07-05T00:00:00", "id": "DSA-737", "href": "http://www.debian.org/security/dsa-737", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-01T23:45:38", "references": ["http://www.debian.org/security/2005/dsa-737"], "pluginID": "18629", "description": "A number of potential remote denial of service vulnerabilities have been identified in ClamAV. In addition to the four issues identified by CVE ID above, there are fixes for issues in libclamav/cvd.c and libclamav/message.c. Together, these issues could allow a carefully crafted message to crash a ClamAV scanner or exhaust various resources on the machine running the scanner.", "edition": 6, "reporter": "Tenable", "published": "2005-07-06T00:00:00", "title": "Debian DSA-737-1 : clamav - remote denial of service", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1922", "CVE-2005-2070", "CVE-2005-1923", "CVE-2005-2056"], "modified": "2018-08-09T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.1", "p-cpe:/a:debian:debian_linux:clamav"], "id": "DEBIAN_DSA-737.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=18629", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-737. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18629);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/08/09 17:06:36\");\n\n script_cve_id(\"CVE-2005-1922\", \"CVE-2005-1923\", \"CVE-2005-2056\", \"CVE-2005-2070\");\n script_xref(name:\"DSA\", value:\"737\");\n\n script_name(english:\"Debian DSA-737-1 : clamav - remote denial of service\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of potential remote denial of service vulnerabilities have\nbeen identified in ClamAV. In addition to the four issues identified\nby CVE ID above, there are fixes for issues in libclamav/cvd.c and\nlibclamav/message.c. Together, these issues could allow a carefully\ncrafted message to crash a ClamAV scanner or exhaust various resources\non the machine running the scanner.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-737\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the clamav package.\n\nFor the stable distribution (sarge), these problems have been fixed in\nversion 0.84-2.sarge.1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/07/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/06\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/06/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"clamav\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-base\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-daemon\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-docs\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-freshclam\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-milter\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-testfiles\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libclamav-dev\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libclamav1\", reference:\"0.84-2.sarge.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:47:10", "references": ["http://www.debian.org/security/2005/dsa-773"], "pluginID": "57528", "description": "This advisory adds security support for the stable amd64 distribution.\nIt covers all security updates since the release of sarge, which were missing updated packages for the not yet official amd64 port. Future security advisories will include updates for this port as well.", "edition": 6, "reporter": "Tenable", "published": "2012-01-12T00:00:00", "title": "Debian DSA-773-1 : amd64 - several vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2005-1266", "CVE-2005-1922", "CVE-2005-2070", "CVE-2005-2277", "CVE-2005-1852", "CVE-2005-1858", "CVE-2005-2301", "CVE-2005-1849", "CVE-2005-1152", "CVE-2005-1923", "CVE-2005-1689", "CVE-2005-1934", "CVE-2005-1914", "CVE-2005-2231", "CVE-2005-1546", "CVE-2005-1174", "CVE-2005-2056", "CVE-2005-1848", "CVE-2005-0469", "CVE-2005-2024", "CVE-2005-1850", "CVE-2005-1545", "CVE-2005-0753", "CVE-2005-1269", "CVE-2005-1796", "CVE-2005-1916", "CVE-2005-2040", "CVE-2005-1151", "CVE-2005-2302", "CVE-2005-2370", "CVE-2005-1992", "CVE-2005-2096", "CVE-2005-1686", "CVE-2005-1993", "CVE-2005-1175", "CVE-2005-0393", "CVE-2005-1851", "CVE-2005-0392", "CVE-2005-2250", "CVE-2005-1853"], "modified": "2018-08-09T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:several", "cpe:/o:debian:debian_linux:3.1"], "id": "DEBIAN_DSA-773.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=57528", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-773. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57528);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/08/09 17:06:36\");\n\n script_cve_id(\"CVE-2005-0392\", \"CVE-2005-0393\", \"CVE-2005-0469\", \"CVE-2005-0753\", \"CVE-2005-1151\", \"CVE-2005-1152\", \"CVE-2005-1174\", \"CVE-2005-1175\", \"CVE-2005-1266\", \"CVE-2005-1269\", \"CVE-2005-1545\", \"CVE-2005-1546\", \"CVE-2005-1686\", \"CVE-2005-1689\", \"CVE-2005-1796\", \"CVE-2005-1848\", \"CVE-2005-1849\", \"CVE-2005-1850\", \"CVE-2005-1851\", \"CVE-2005-1852\", \"CVE-2005-1853\", \"CVE-2005-1858\", \"CVE-2005-1914\", \"CVE-2005-1916\", \"CVE-2005-1922\", \"CVE-2005-1923\", \"CVE-2005-1934\", \"CVE-2005-1992\", \"CVE-2005-1993\", \"CVE-2005-2024\", \"CVE-2005-2040\", \"CVE-2005-2056\", \"CVE-2005-2070\", \"CVE-2005-2096\", \"CVE-2005-2231\", \"CVE-2005-2250\", \"CVE-2005-2277\", \"CVE-2005-2301\", \"CVE-2005-2302\", \"CVE-2005-2370\");\n script_xref(name:\"DSA\", value:\"773\");\n\n script_name(english:\"Debian DSA-773-1 : amd64 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This advisory adds security support for the stable amd64 distribution.\nIt covers all security updates since the release of sarge, which were\nmissing updated packages for the not yet official amd64 port. Future\nsecurity advisories will include updates for this port as well.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2005/dsa-773\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected several package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cwe_id(119);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:several\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/08/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/12\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/03/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.1\", prefix:\"affix\", reference:\"2.1.1-2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq\", reference:\"4.20.0-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq-common\", reference:\"4.20.0-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq-fribidi\", reference:\"4.20.0-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"centericq-utf8\", reference:\"4.20.0-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-daemon\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-freshclam\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"clamav-milter\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"crip\", reference:\"3.5-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"cvs\", reference:\"1.11.1p1debian-11\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"dhcpcd\", reference:\"1.3.22pl4-21sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ekg\", reference:\"1.5+20050411-5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ettercap\", reference:\"0.7.1-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ettercap-common\", reference:\"0.7.1-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ettercap-gtk\", reference:\"0.7.1-1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"fuse-utils\", reference:\"2.2.1-4sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gaim\", reference:\"1.2.1-1.4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gaim-dev\", reference:\"1.2.1-1.4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gedit\", reference:\"2.8.3-4sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"gopher\", reference:\"3.0.7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heartbeat\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heartbeat-dev\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-clients\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-clients-x\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-dev\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-kdc\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-servers\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"heimdal-servers-x\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ht\", reference:\"0.8.0-2sarge4\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-admin-server\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-clients\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-ftpd\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-kdc\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-rsh-server\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-telnetd\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"krb5-user\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libaffix-dev\", reference:\"2.1.1-2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libaffix2\", reference:\"2.1.1-2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libasn1-6-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libclamav-dev\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libclamav1\", reference:\"0.84-2.sarge.1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libdbm-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libfuse-dev\", reference:\"2.2.1-4sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libfuse2\", reference:\"2.2.1-4sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgadu-dev\", reference:\"1.5+20050411-5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgadu3\", reference:\"1.5+20050411-5\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgdbm-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libgssapi1-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libhdb7-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm55\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm5clnt4-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkadm5srv7-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkafs0-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkrb5-17-heimdal\", reference:\"0.6.3-10sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkrb5-dev\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libkrb53\", reference:\"1.3.6-2sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libopenssl-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libpils-dev\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libpils0\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libreadline-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libruby1.8-dbg\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libstonith-dev\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libstonith0\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"libtcltk-ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-geo\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-ldap\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-mysql\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-pgsql\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-pipe\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-backend-sqlite\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-recursor\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"pdns-server\", reference:\"2.9.17-13sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ppxp\", reference:\"0.2001080415-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ppxp-dev\", reference:\"0.2001080415-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ppxp-tcltk\", reference:\"0.2001080415-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ppxp-x11\", reference:\"0.2001080415-10sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"qpopper\", reference:\"4.0.5-4sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"qpopper-drac\", reference:\"4.0.5-4sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"razor\", reference:\"2.670-1sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ruby1.8\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"ruby1.8-dev\", reference:\"1.8.2-7sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"spamc\", reference:\"3.0.3-2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"stonith\", reference:\"1.2.3-9sarge2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"sudo\", reference:\"1.6.8p7-1.1sarge1\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"zlib-bin\", reference:\"1.2.2-4.sarge.2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"zlib1g\", reference:\"1.2.2-4.sarge.2\")) flag++;\nif (deb_check(release:\"3.1\", prefix:\"zlib1g-dev\", reference:\"1.2.2-4.sarge.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
