Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:5106
HistoryApr 25, 2009 - 12:00 a.m.

ClamAV UPack拒绝服务和cli_url_canon()栈溢出漏洞

2009-04-2500:00:00
Root
www.seebug.org
20

0.184 Low

EPSS

Percentile

96.2%

JSON

BUGTRAQ ID: 34446
CVE(CAN) ID: CVE-2009-1371,CVE-2009-1372

Clam AntiVirus是Unix的GPL杀毒工具包,很多邮件网关产品都在使用。

ClamAV的libclamav/phishcheck.c文件中的cli_url_canon函数存在栈溢出漏洞,远程攻击者可以通过提交恶意的URL来触发这个溢出,导致执行任意代码。

如果用户使用ClamAV扫描到了UPack编码的畸形文件的话,libclamav/others.h文件的CLI_ISCONTAINED宏中的安全漏洞可能导致应用程序崩溃。

ClamAV < 0.95.1
ClamAV

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://freshmeat.net/urls/c9bfa0aa2a4b8f3dc21e37debf0b05e5” target=“_blank”>http://freshmeat.net/urls/c9bfa0aa2a4b8f3dc21e37debf0b05e5</a>

Related

nessus 10
openvas 16
redhatcve 2
gentoo 1
ubuntucve 2
cvelist 2
altlinux 3
cve 2
nvd 2
debiancve 2
prion 2
debian 2
osv 1
nessus
nessus
openSUSE Security Update : clamav (clamav-809)
2009-07-21 00:00:00
openSUSE Security Update : clamav (clamav-809)
2009-07-21 00:00:00
ClamAV < 0.95.1 Multiple Vulnerabilities
2009-04-10 00:00:00
openvas
openvas
ClamAV Denial of Service Vulnerability (Linux)
2009-04-30 00:00:00
ClamAV < 0.95.1 Multiple DoS Vulnerabilities - Windows
2009-04-30 00:00:00
SLES9: Security update for ClamAV
2009-10-10 00:00:00
redhatcve
redhatcve
CVE-2009-1371
2019-10-04 21:32:35
CVE-2009-1372
2022-06-08 18:09:47
gentoo
gentoo
Clam AntiVirus: Multiple vulnerabilities
2009-09-09 00:00:00
ubuntucve
ubuntucve
CVE-2009-1371
2009-04-23 00:00:00
CVE-2009-1372
2009-04-23 00:00:00
cvelist
cvelist
CVE-2009-1371
2009-04-23 15:00:00
CVE-2009-1372
2009-04-23 15:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package clamav version 0.95.2-alt1
2009-06-22 00:00:00
Security fix for the ALT Linux 10 package clamav version 0.95.2-alt1
2009-06-22 00:00:00
Security fix for the ALT Linux 9 package clamav version 0.95.2-alt1
2009-06-22 00:00:00
cve
cve
CVE-2009-1371
2009-04-23 15:30:00
CVE-2009-1372
2009-04-23 15:30:00
nvd
nvd
CVE-2009-1371
2009-04-23 15:30:00
CVE-2009-1372
2009-04-23 15:30:00
debiancve
debiancve
CVE-2009-1371
2009-04-23 15:30:00
CVE-2009-1372
2009-04-23 15:30:00
prion
prion
Code injection
2009-04-23 15:30:00
Stack overflow
2009-04-23 15:30:00
debian
debian
[Backports-security-announce] Security Update for clamav
2009-07-20 14:47:44
[Backports-security-announce] Security Update for clamav
2009-07-20 14:56:17
osv
osv
clamav - several vulnerabilities
2009-04-15 00:00:00

0.184 Low

EPSS

Percentile

96.2%

JSON
Related for SSV:5106
nessus10openvas16redhatcve2gentoo1ubuntucve2cvelist2altlinux3cve2nvd2debiancve2prion2debian2osv1