Clam AntiVirus BMP File Scan Bypass

2005-01-31T00:00:00
ID OSVDB:13343
Type osvdb
Reporter RedTeam Pentesting()
Modified 2005-01-31T00:00:00

Description

Vulnerability Description

ClamAV contains a flaw that may allow a remote denial of service. The issue is triggered when sending a base64 encoded image file in a URL an attacker could evade virus scanning. By sending a specially-crafted ZIP file an attacker could cause a Denial of Service by crashing the clamd daemon. occurs, and will result in loss of availability for the clamd service.

Solution Description

Upgrade to version 0.8.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

ClamAV contains a flaw that may allow a remote denial of service. The issue is triggered when sending a base64 encoded image file in a URL an attacker could evade virus scanning. By sending a specially-crafted ZIP file an attacker could cause a Denial of Service by crashing the clamd daemon. occurs, and will result in loss of availability for the clamd service.

References:

Secunia Advisory ID:14084 Secunia Advisory ID:14089 Secunia Advisory ID:14085 Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2005:025 Other Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200501-46.xml Other Advisory URL: http://security.gentoo.org/glsa/glsa-200501-46.xml Generic Informational URL: http://sourceforge.net/project/shownotes.php?release_id=300116 CVE-2005-0133