Lucene search
SuseSUSE-SA:2008:024HistoryApr 24, 2008 - 5:12 p.m.
remote code execution in clamav
2008-04-2417:12:58
lists.opensuse.org
9
0.46 Medium
EPSS
Percentile
97.1%
The AntiVirus scan engine ClamAV was updated to version 0.93 fixes a long list of vulnerabilities. These vulnerabilities can lead to remote code execution, bypassing the scanning engine, remote denial-of-service, local file overwrite. (CVE-2008-1837, CVE-2008-1836, CVE-2008-1835, CVE-2008-1833, CVE-2008-1387, CVE-2008-1100, CVE-2008-0314, CVE-2007-6595, CVE-2007-6596) Since the library changed, we also released updated klamav packages for openSUSE 10.2 and 10.3.
Solution
There is no known workaround, please install the update packages.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE | 10.2 | x86_64 | clamav-db | < 0.93-0.3 | clamav-db-0.93-0.3.x86_64.rpm |
| openSUSE | 10.2 | ppc | clamav | < 0.93-0.3 | clamav-0.93-0.3.ppc.rpm |
| openSUSE | 10.3 | x86_64 | clamav | < 0.93-0.3 | clamav-0.93-0.3.x86_64.rpm |
| openSUSE | 10.2 | x86_64 | clamav | < 0.93-0.3 | clamav-0.93-0.3.x86_64.rpm |
| openSUSE | 10.3 | i586 | klamav | < 0.41.1-32.3 | klamav-0.41.1-32.3.i586.rpm |
| openSUSE | 10.2 | ppc | klamav | < 0.41.1-17.4 | klamav-0.41.1-17.4.ppc.rpm |
| openSUSE | 10.1 | ppc | clamav-db | < 0.93-0.6 | clamav-db-0.93-0.6.ppc.rpm |
| openSUSE | 10.1 | i586 | clamav | < 0.93-0.6 | clamav-0.93-0.6.i586.rpm |
| openSUSE | 10.1 | ppc | clamav | < 0.93-0.6 | clamav-0.93-0.6.ppc.rpm |
| openSUSE | 10.3 | x86_64 | klamav | < 0.41.1-32.3 | klamav-0.41.1-32.3.x86_64.rpm |
Related
nessus
nessus
openSUSE 10 Security Update : clamav (clamav-5199)
2008-04-25 00:00:00
SuSE 10 Security Update : clamav (ZYPP Patch Number 5200)
2008-04-25 00:00:00
GLSA-200805-19 : ClamAV: Multiple vulnerabilities
2008-05-22 00:00:00
openvas
openvas
SuSE Update for clamav SUSE-SA:2008:024
2009-01-23 00:00:00
SLES9: Security update for clamav
2009-10-10 00:00:00
SLES9: Security update for clamav
2009-10-10 00:00:00
gentoo
gentoo
ClamAV: Multiple vulnerabilities
2008-05-20 00:00:00
ClamAV: Multiple Denials of Service
2008-08-08 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: clamav-0.93-1.fc9
2008-05-14 22:09:25
[SECURITY] Fedora 8 Update: clamav-0.92.1-2.fc8
2008-04-29 21:01:37
[SECURITY] Fedora 8 Update: clamav-0.92.1-3.fc8
2008-07-17 14:17:14
osv
osv
clamav
2008-04-17 00:00:00
clamav - several vulnerabilities
2008-02-16 00:00:00
cert
cert
ClamAV upack heap buffer overflow vulnerability
2008-04-21 00:00:00
debian
debian
[SECURITY] [DSA 1549-1] New clamav packages fix several vulnerabilities
2008-04-17 20:52:50
[SECURITY] [DSA 1497-1] New clamav packages fix several vulnerabilities
2008-02-16 15:26:12
altlinux
altlinux
Security fix for the ALT Linux 10 package clamav version 0.93-alt1
2008-04-15 00:00:00
Security fix for the ALT Linux 9 package clamav version 0.93-alt1
2008-04-15 00:00:00
Security fix for the ALT Linux 8 package clamav version 0.93-alt1
2008-04-15 00:00:00
freebsd
freebsd
clamav -- Multiple Vulnerabilities
2008-04-15 00:00:00
prion
prion
Design/Logic Flaw
2007-12-31 19:46:00
Code injection
2007-12-31 19:46:00
Heap overflow
2008-04-16 15:05:00
ubuntucve
ubuntucve
cve
cve
redhatcve
redhatcve
CVE-2007-6595
2019-10-04 21:29:07
CVE-2007-6596
2019-10-04 21:29:10
debiancve
debiancve
securityvulns
securityvulns
seebug
seebug
ClamAV libclamav库PeSpin堆溢出漏洞
2008-04-17 00:00:00
ClamAV libclamav/pe.c UPACK文件处理堆溢出漏洞
2008-04-15 00:00:00
ClamAV ARJ文件解析拒绝服务漏洞
2008-04-17 00:00:00
kitploit
kitploit
Radamsa - A General-Purpose Fuzzer
2024-03-25 11:30:00