Mandriva Linux Security Advisory 2010-082 - ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities. The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka.Q) compression format. NOTE: some of these details are obtained from third party information. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers This update provides clamav 0.96, which is not vulnerable to these issues.
eb840d0860c67dd281facb646f931facd1346a2f4f7d2636f450384c9134a3b0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:082
http://www.mandriva.com/security/
_______________________________________________________________________
Package : clamav
Date : April 18, 2010
Affected: 2008.0, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been found and corrected in clamav:
ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file
formats, which allows remote attackers to bypass virus detection via
a crafted archive that is compatible with standard archive utilities
(CVE-2010-0098).
The qtm_decompress function in libclamav/mspack.c in ClamAV before
0.96 allows remote attackers to cause a denial of service (memory
corruption and application crash) via a crafted CAB archive that uses
the Quantum (aka .Q) compression format. NOTE: some of these details
are obtained from third party information (CVE-2010-1311).
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers
This update provides clamav 0.96, which is not vulnerable to these
issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1311
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
725bf0c38497087b9a3be4a8773c8cd0 2008.0/i586/clamav-0.96-0.1mdv2008.0.i586.rpm
147dc79976707ed0787f15dfc5f84f77 2008.0/i586/clamav-db-0.96-0.1mdv2008.0.i586.rpm
63c6b37df8ca4b6d3ca17ad858f622bb 2008.0/i586/clamav-milter-0.96-0.1mdv2008.0.i586.rpm
b464991a0ea73562a076183a1b889d1b 2008.0/i586/clamd-0.96-0.1mdv2008.0.i586.rpm
c862f6c48325f5d9c9811d9654ef6286 2008.0/i586/libclamav6-0.96-0.1mdv2008.0.i586.rpm
1345629ca340e35ae02586db29cb0df9 2008.0/i586/libclamav-devel-0.96-0.1mdv2008.0.i586.rpm
a7a379222d25afc907959dab9f0c1160 2008.0/SRPMS/clamav-0.96-0.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
a2294c5b9a7342c9a18be68e206e8127 2008.0/x86_64/clamav-0.96-0.1mdv2008.0.x86_64.rpm
e56be5cf84c280c8d9a5ae772e069623 2008.0/x86_64/clamav-db-0.96-0.1mdv2008.0.x86_64.rpm
46ccfda86d7329ec84b4425158ce0798 2008.0/x86_64/clamav-milter-0.96-0.1mdv2008.0.x86_64.rpm
14f7a2a98a648ec77cc851f449f4d529 2008.0/x86_64/clamd-0.96-0.1mdv2008.0.x86_64.rpm
f6ef52a7fc104cd163bc57229f4ce608 2008.0/x86_64/lib64clamav6-0.96-0.1mdv2008.0.x86_64.rpm
a86f2486280a9593973ca00e72160421 2008.0/x86_64/lib64clamav-devel-0.96-0.1mdv2008.0.x86_64.rpm
a7a379222d25afc907959dab9f0c1160 2008.0/SRPMS/clamav-0.96-0.1mdv2008.0.src.rpm
Corporate 4.0:
37a73e705ddd3464013e35abc0422b2f corporate/4.0/i586/clamav-0.96-0.1.20060mlcs4.i586.rpm
4867fd02902c7e67cff8c635c069f193 corporate/4.0/i586/clamav-db-0.96-0.1.20060mlcs4.i586.rpm
e0044dabbfb5b614e4e7f33dc005b9c3 corporate/4.0/i586/clamav-milter-0.96-0.1.20060mlcs4.i586.rpm
0d8b5a9c7b43bff63d205c17ae0edfdd corporate/4.0/i586/clamd-0.96-0.1.20060mlcs4.i586.rpm
216a2677193408bd94e074ed6dd041e3 corporate/4.0/i586/libclamav6-0.96-0.1.20060mlcs4.i586.rpm
126203939bdaf3a6f4539e43d3bb38b0 corporate/4.0/i586/libclamav-devel-0.96-0.1.20060mlcs4.i586.rpm
da03bea8d9ee43b6a26161f915e2dcf9 corporate/4.0/SRPMS/clamav-0.96-0.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
89a192c1ea1cdc678db652dc42df691e corporate/4.0/x86_64/clamav-0.96-0.1.20060mlcs4.x86_64.rpm
1ab9901f75ba6367905365097689c4ed corporate/4.0/x86_64/clamav-db-0.96-0.1.20060mlcs4.x86_64.rpm
5fed440379b8b58c54f6963dabe78c52 corporate/4.0/x86_64/clamav-milter-0.96-0.1.20060mlcs4.x86_64.rpm
56c4c66f35fdf0b19fd98f722a039fb8 corporate/4.0/x86_64/clamd-0.96-0.1.20060mlcs4.x86_64.rpm
1145efa3ed5032ec72228461a1d2127b corporate/4.0/x86_64/lib64clamav6-0.96-0.1.20060mlcs4.x86_64.rpm
a9d60021af0aa48ea051612d1a5a77d9 corporate/4.0/x86_64/lib64clamav-devel-0.96-0.1.20060mlcs4.x86_64.rpm
da03bea8d9ee43b6a26161f915e2dcf9 corporate/4.0/SRPMS/clamav-0.96-0.1.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
90e36dd55953ef2ec7d474a9fe884803 mes5/i586/clamav-0.96-0.1mdvmes5.1.i586.rpm
08007813bf57f6822a0b12076ccc7927 mes5/i586/clamav-db-0.96-0.1mdvmes5.1.i586.rpm
869146c059841f726e777402adf57024 mes5/i586/clamav-milter-0.96-0.1mdvmes5.1.i586.rpm
f03e3941b56ac9c669de43fa35f2e866 mes5/i586/clamd-0.96-0.1mdvmes5.1.i586.rpm
d22d4a4de191942a0e66980ce9b91b85 mes5/i586/libclamav6-0.96-0.1mdvmes5.1.i586.rpm
868e1684a7e3f53876bc91ac74b6cf8f mes5/i586/libclamav-devel-0.96-0.1mdvmes5.1.i586.rpm
39710975d4a682f07f4b35a62df09daa mes5/SRPMS/clamav-0.96-0.1mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64:
b111e1d0a7a2c7f86e4fc51ae840d7de mes5/x86_64/clamav-0.96-0.1mdvmes5.1.x86_64.rpm
30c4f7bcaff541af1c9bf1d2d4633a2b mes5/x86_64/clamav-db-0.96-0.1mdvmes5.1.x86_64.rpm
01bb253f6328f9473ffc0a167ca44a92 mes5/x86_64/clamav-milter-0.96-0.1mdvmes5.1.x86_64.rpm
d26b87fc3c7ea573f3ee7025ddfc4fbf mes5/x86_64/clamd-0.96-0.1mdvmes5.1.x86_64.rpm
486540ac41165845305c9058eb1e5f4c mes5/x86_64/lib64clamav6-0.96-0.1mdvmes5.1.x86_64.rpm
ebf62cb3bd329dce86c9e3fe5a5591b9 mes5/x86_64/lib64clamav-devel-0.96-0.1mdvmes5.1.x86_64.rpm
39710975d4a682f07f4b35a62df09daa mes5/SRPMS/clamav-0.96-0.1mdvmes5.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLyxhJmqjQ0CJFipgRAgn6AJ9EBfSgQlL2VGQ1vjVvQxn3++NuPACfWTf3
cfAYkmXPiM1u9cZRnaSV3zE=
=+P0P
-----END PGP SIGNATURE-----
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed