Lucene search

K

PRIOn knowledge basePRION:CVE-2008-1835

HistoryApr 16, 2008 - 4:05 p.m.

Authentication flaw

2008-04-1616:05:00

PRIOn knowledge base

www.prio-n.com

6

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.3%

ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar.

CPENameOperatorVersion
clamaveq0.24
clamaveq0.20
clamaveq0.84
clamaveq0.92
clamaveq0.90.0-rc1
clamaveq0.91.2
clamaveq0.80
clamaveq0.90.1
clamaveq0.84.0-rc1
clamaveq0.91

Rows per page:

1-10 of 641

References

lists.apple.com/archives/security-announce//2008/Sep/msg00005.html

lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html

secunia.com/advisories/29891

secunia.com/advisories/30328

secunia.com/advisories/31576

secunia.com/advisories/31882

security.gentoo.org/glsa/glsa-200805-19.xml

up2date.astaro.com/2008/08/up2date_asg_v7300_ga_released.html

www.mandriva.com/security/advisories?name=MDVSA-2008:088

www.securityfocus.com/bid/28784

www.us-cert.gov/cas/techalerts/TA08-260A.html

www.vupen.com/english/advisories/2008/2584

exchange.xforce.ibmcloud.com/vulnerabilities/41874

wwws.clamav.net/bugzilla/show_bug.cgi?id=541

6.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.006 Low

EPSS

Percentile

78.3%

Related for PRION:CVE-2008-1835

debiancve1 ubuntucve1 cvelist1 cve1 openvas9 gentoo1 nessus6 suse1