26 Sep 08

ClamAV Multiple DoS


ClamAV, a free anti-virus application for Unix and Windows Server 2003/2000/NT, was reported to have multiple bugs that are remotely exploitable. No authentication is required for exploitation. Versions prior to ClamAV 0.94 are vulnerable.

1) ClamAV ‘chmunpack.c’ Invalid Memory Access Denial Of Service Vulnerability
ClamAV is prone to a denial-of-service vulnerability because of invalid memory access errors when processing malformed CHM files.

Attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but this has not been confirmed.

Reference:
Security Focus: ClamAV ‘chmunpack.c’ Invalid Memory Access Denial Of Service Vulnerability
Secunia: ClamAV CHM Processing Denial of Service
CVE-2008-1389

2) ClamAV Multiple Unspecified Memory Corruption Vulnerabilities
libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition.

Reference:
CVE-2008-3912
Security Focus: ClamAV Multiple Unspecified Memory Corruption Vulnerabilities
Sourceforge: Release ClamAV 0.94

3) Multiple memory leaks in freshclam/manager.c allow DoS exploitation on ClamAV

Multiple memory leaks in freshclam/manager.c in ClamAV before 0.94 might allow attackers to cause a denial of service (memory consumption) via unspecified vectors related to the “error path.”

Reference:
CVE-2008-3913

4) ClamAV /libclamav/others.c and /libclamav/sis.c vulnerable to DoS

Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the “error path” in (1) libclamav/others.c and (2) libclamav/sis.c.

Reference:
CVE-2008-3914

Solution:
The vendor has released a patch for these issues; update to the latest ClamAV (for Windows).
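
To find hosts still running an engine older than 0.94, the version banner can be checked with a short script. This is an added example, not part of the original post or of ClamAV itself; it assumes the banner format printed by `clamscan --version` ("ClamAV <version>/<db>/<date>"), and the sample banners are constructed.

```shell
#!/bin/sh
# Added example: flag ClamAV engines older than 0.94, the fixed release.
FIXED_VERSION="0.94"

# Pull the engine version out of a version banner such as
# "ClamAV 0.93.3/8200/Thu Sep 25 10:00:00 2008".
clamav_version_from_banner() {
    printf '%s\n' "$1" | sed -n 's/^ClamAV \([^/ ]*\).*/\1/p'
}

# Numeric, component-wise compare of dotted versions; prints -1, 0 or 1.
# Missing components count as 0, so 0.94 equals 0.94.0.
compare_versions() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        if [ "${x:-0}" -lt "${y:-0}" ]; then echo "-1"; return 0; fi
        if [ "${x:-0}" -gt "${y:-0}" ]; then echo "1"; return 0; fi
    done
    echo "0"
}

# Prints "vulnerable", "patched" or "unknown" for one banner line.
check_banner() {
    ver=$(clamav_version_from_banner "$1")
    num=$(printf '%s' "$ver" | sed 's/[^0-9.].*$//')   # drop tags like "rc1"
    if [ -z "$num" ]; then echo unknown; return 0; fi
    cmp=$(compare_versions "$num" "$FIXED_VERSION")
    if [ "$cmp" -lt 0 ]; then echo vulnerable; return 0; fi
    # Assumption: a pre-release tag on the fixed number (0.94rc1) predates 0.94.
    if [ "$cmp" -eq 0 ] && [ "$ver" != "$num" ]; then echo vulnerable; return 0; fi
    echo patched
}

# Constructed sample banners (not captured from real hosts).
for banner in \
    "ClamAV 0.93.3/8200/Thu Sep 25 10:00:00 2008" \
    "ClamAV 0.94rc1/8100/Mon Sep  1 09:00:00 2008" \
    "ClamAV 0.94/8300/Fri Sep 26 12:00:00 2008" \
    "not a clamav banner"
do
    printf '%-50s %s\n' "$banner" "$(check_banner "$banner")"
done
```

On a live host, pass the real banner with `check_banner "$(clamscan --version)"`. The check reads only the reported version number, so a distribution package that backported the fixes into an older version will still show as vulnerable.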
