22 matches found
Ubuntu: Security Advisory (USN-4146-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:14231-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3790-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-12625 affecting package clamav 0.101.2-3
CVE-2019-12625 affecting package clamav 0.101.2-3. An upgraded version of the package is available that resolves this issue...
SUSE: Security Advisory (SUSE-SU-2019:3066-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : clamav (SUSE-SU-2020:3918-1)
This update for clamav fixes the following issues : clamav was updated to 0.103.0 to implement jscECO-3010 and bsc1118459. clamd can now reload the signature database without blocking scanning. This multi-threaded database reload improvement was made possible thanks to a community effort. -...
OPENSUSE-SU-2019:2597-1 Security update for clamav
This update for clamav fixes the following issues: Security issue fixed: - CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files bsc1144504. - CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors bsc1149458...
SUSE SLED12 / SLES12 Security Update : clamav (SUSE-SU-2019:3066-1)
This update for clamav fixes the following issues : Security issue fixed : CVE-2019-12625: Fixed a ZIP bomb issue by adding detection and heuristics for zips with overlapping files bsc1144504. CVE-2019-12900: Fixed an out-of-bounds write in decompress.c with many selectors bsc1149458. Non-securit...
CVE-2019-12625 ClamAV Zip Bomb Vulnerability
ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnerability where an unauthenticated attacker can cause a denial of service condition by sending crafted messages to an affected system...
CVE-2019-12625
CVE-2019-12625 affects ClamAV versions prior to 0.101.3, exposing a Denial of Service via zip bombs. The issue stems from excessively long scan times caused by crafted ZIP data. Public references in the connected documents confirm the vulnerability and its remediation path, with fixes implemented...
[SECURITY] [DLA 1953-2] clamav regression update
Package : clamav Version : 0.101.4+dfsg-0+deb8u2 CVE ID : CVE-2019-12625 CVE-2019-12900 Debian Bug : 942172 The update of clamav released as DLA 1953-1 led to permission issues on /var/run/clamav. This caused several users to experience issues restarting the clamav daemon. This regression is caus...
Debian: Security Advisory (DLA-1953-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 1953-1] clamav security update
Package : clamav Version : 0.101.4+dfsg-0+deb8u1 CVE ID : CVE-2019-12625 CVE-2019-12900 Debian Bug : 34359 It was discovered that clamav, the open source antivirus engine, is affected by the following security vulnerabilities: CVE-2019-12625 Denial of Service DoS vulnerability, resulting from...
USN-4146-2: ClamAV vulnerabilities
USN-4146-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled unpacking ZIP files. A remote attacker could possibly use this issue to cause...
Ubuntu: Security Advisory (USN-4146-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 29 : clamav (2019-aabcb53ec6)
ClamAV 0.101.4 is a security patch release that addresses the following issues. - An out of bounds write was possible within ClamAV's NSIS bzip2 library when attempting decompression in cases where the number of selectors exceeded the max limit set by the library CVE-2019-12900. The issue has bee...
Security fix for the ALT Linux 10 package clamav version 0.101.4-alt1
Sept. 2, 2019 Sergey Y. Afonin 0.101.4-alt1 - 0.101.4 CVE-2019-12900, additional handling CVE-2019-12625 which has been mitigated in 0.101.3...
Security fix for the ALT Linux 8 package clamav version 0.101.4-alt1
Sept. 2, 2019 Sergey Y. Afonin 0.101.4-alt1 - 0.101.4 CVE-2019-12900, additional handling CVE-2019-12625 which has been mitigated in 0.101.3...
Fedora 30 : clamav (2019-5c2dc50262)
ClamAV 0.101.4 is a security patch release that addresses the following issues. - An out of bounds write was possible within ClamAV's NSIS bzip2 library when attempting decompression in cases where the number of selectors exceeded the max limit set by the library CVE-2019-12900. The issue has bee...
FreeBSD : clamav -- multiple vulnerabilities (dbd1f627-c43b-11e9-a923-9c5c8e75236a)
Micah Snyder reports : - An out of bounds write was possible within ClamAV&s NSIS bzip2 library when attempting decompression in cases where the number of selectors exceeded the max limit set by the library CVE-2019-12900. The issue has been resolved by respecting that limit. - The zip bomb...