Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-926-1.NASL
HistoryApr 09, 2010 - 12:00 a.m.

Ubuntu 8.10 / 9.04 / 9.10 : clamav vulnerabilities (USN-926-1)

2010-04-0900:00:00
Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7
JSON

It was discovered that ClamAV did not properly verify its input when processing CAB files. A remote attacker could send a specially crafted CAB file to evade malware detection. (CVE-2010-0098)

It was discovered that ClamAV did not properly verify its input when processing CAB files. A remote attacker could send a specially crafted CAB file and cause a denial of service via application crash.
(CVE-2010-1311).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-926-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(45476);
  script_version("1.13");
  script_cvs_date("Date: 2019/09/19 12:54:26");

  script_cve_id("CVE-2010-0098", "CVE-2010-1311");
  script_bugtraq_id(39262);
  script_xref(name:"USN", value:"926-1");

  script_name(english:"Ubuntu 8.10 / 9.04 / 9.10 : clamav vulnerabilities (USN-926-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"It was discovered that ClamAV did not properly verify its input when
processing CAB files. A remote attacker could send a specially crafted
CAB file to evade malware detection. (CVE-2010-0098)

It was discovered that ClamAV did not properly verify its input when
processing CAB files. A remote attacker could send a specially crafted
CAB file and cause a denial of service via application crash.
(CVE-2010-1311).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/926-1/"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-base");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-daemon");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-dbg");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-docs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-freshclam");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-milter");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-testfiles");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libclamav-dev");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libclamav6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.04");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/04/08");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/04/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/04/09");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(8\.10|9\.04|9\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 8.10 / 9.04 / 9.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"8.10", pkgname:"clamav", pkgver:"0.95.3+dfsg-1ubuntu0.09.04~intrepid3")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"clamav-base", pkgver:"0.95.3+dfsg-1ubuntu0.09.04~intrepid3")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"clamav-daemon", pkgver:"0.95.3+dfsg-1ubuntu0.09.04~intrepid3")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"clamav-dbg", pkgver:"0.95.3+dfsg-1ubuntu0.09.04~intrepid3")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"clamav-docs", pkgver:"0.95.3+dfsg-1ubuntu0.09.04~intrepid3")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"clamav-freshclam", pkgver:"0.95.3+dfsg-1ubuntu0.09.04~intrepid3")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"clamav-milter", pkgver:"0.95.3+dfsg-1ubuntu0.09.04~intrepid3")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"clamav-testfiles", pkgver:"0.95.3+dfsg-1ubuntu0.09.04~intrepid3")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"libclamav-dev", pkgver:"0.95.3+dfsg-1ubuntu0.09.04~intrepid3")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"libclamav6", pkgver:"0.95.3+dfsg-1ubuntu0.09.04~intrepid3")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"clamav", pkgver:"0.95.3+dfsg-1ubuntu0.09.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"clamav-base", pkgver:"0.95.3+dfsg-1ubuntu0.09.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"clamav-daemon", pkgver:"0.95.3+dfsg-1ubuntu0.09.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"clamav-dbg", pkgver:"0.95.3+dfsg-1ubuntu0.09.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"clamav-docs", pkgver:"0.95.3+dfsg-1ubuntu0.09.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"clamav-freshclam", pkgver:"0.95.3+dfsg-1ubuntu0.09.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"clamav-milter", pkgver:"0.95.3+dfsg-1ubuntu0.09.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"clamav-testfiles", pkgver:"0.95.3+dfsg-1ubuntu0.09.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"libclamav-dev", pkgver:"0.95.3+dfsg-1ubuntu0.09.04.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"libclamav6", pkgver:"0.95.3+dfsg-1ubuntu0.09.04.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"clamav", pkgver:"0.95.3+dfsg-1ubuntu0.09.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"clamav-base", pkgver:"0.95.3+dfsg-1ubuntu0.09.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"clamav-daemon", pkgver:"0.95.3+dfsg-1ubuntu0.09.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"clamav-dbg", pkgver:"0.95.3+dfsg-1ubuntu0.09.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"clamav-docs", pkgver:"0.95.3+dfsg-1ubuntu0.09.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"clamav-freshclam", pkgver:"0.95.3+dfsg-1ubuntu0.09.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"clamav-milter", pkgver:"0.95.3+dfsg-1ubuntu0.09.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"clamav-testfiles", pkgver:"0.95.3+dfsg-1ubuntu0.09.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"libclamav-dev", pkgver:"0.95.3+dfsg-1ubuntu0.09.10.1")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"libclamav6", pkgver:"0.95.3+dfsg-1ubuntu0.09.10.1")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_HOLE,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav / clamav-base / clamav-daemon / clamav-dbg / clamav-docs / etc");
}
VendorProductVersionCPE
canonicalubuntu_linuxclamavp-cpe:/a:canonical:ubuntu_linux:clamav
canonicalubuntu_linuxclamav-basep-cpe:/a:canonical:ubuntu_linux:clamav-base
canonicalubuntu_linuxclamav-daemonp-cpe:/a:canonical:ubuntu_linux:clamav-daemon
canonicalubuntu_linuxclamav-dbgp-cpe:/a:canonical:ubuntu_linux:clamav-dbg
canonicalubuntu_linuxclamav-docsp-cpe:/a:canonical:ubuntu_linux:clamav-docs
canonicalubuntu_linuxclamav-freshclamp-cpe:/a:canonical:ubuntu_linux:clamav-freshclam
canonicalubuntu_linuxclamav-milterp-cpe:/a:canonical:ubuntu_linux:clamav-milter
canonicalubuntu_linuxclamav-testfilesp-cpe:/a:canonical:ubuntu_linux:clamav-testfiles
canonicalubuntu_linuxlibclamav-devp-cpe:/a:canonical:ubuntu_linux:libclamav-dev
canonicalubuntu_linuxlibclamav6p-cpe:/a:canonical:ubuntu_linux:libclamav6
Rows per page:
1-10 of 131

Related

openvas 12
securityvulns 2
nessus 11
ubuntu 1
gentoo 1
prion 2
cve 2
ubuntucve 2
debiancve 2
openvas
openvas
ClamAV < 0.96 Security Bypass And Memory Corruption Vulnerabilities - Windows
2010-04-13 00:00:00
Mandriva Update for clamav MDVSA-2010:082 (clamav)
2010-04-19 00:00:00
Mandriva Update for clamav MDVSA-2010:082 (clamav)
2010-04-19 00:00:00
securityvulns
securityvulns
[ MDVSA-2010:082 ] clamav
2010-04-26 00:00:00
ClamAV memory corruption
2010-04-26 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : clamav (MDVSA-2010:082-1)
2010-04-19 00:00:00
SuSE 10 Security Update : ClamAV (ZYPP Patch Number 6983)
2010-04-26 00:00:00
ClamAV < 0.96 Multiple Vulnerabilities
2010-04-07 00:00:00
ubuntu
ubuntu
ClamAV vulnerabilities
2010-04-08 00:00:00
gentoo
gentoo
Clam AntiVirus: Multiple vulnerabilities
2010-09-07 00:00:00
prion
prion
Authentication flaw
2010-04-08 17:30:00
Memory corruption
2010-04-08 17:30:00
cve
cve
CVE-2010-0098
2010-04-08 17:30:00
CVE-2010-1311
2010-04-08 17:30:00
ubuntucve
ubuntucve
CVE-2010-0098
2010-04-08 00:00:00
CVE-2010-1311
2010-04-09 00:00:00
debiancve
debiancve
CVE-2010-1311
2010-04-08 17:30:00
CVE-2010-0098
2010-04-08 17:30:00
JSON
Related for UBUNTU_USN-926-1.NASL
openvas12securityvulns2nessus11ubuntu1gentoo1prion2cve2ubuntucve2debiancve2