what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2010-082

Mandriva Linux Security Advisory 2010-082
Posted May 21, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-082 - ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities. The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka.Q) compression format. NOTE: some of these details are obtained from third party information. This update provides clamav 0.96, which is not vulnerable to these issues. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, remote, denial of service, virus
systems | linux, mandriva
advisories | CVE-2010-0098, CVE-2010-1311
SHA-256 | 01916f1257f5750f983fb3c22bd70d378c39701cb1ea591bfd03313e40e54003

Mandriva Linux Security Advisory 2010-082

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2010:082-1
http://www.mandriva.com/security/
_______________________________________________________________________

Package : clamav
Date : May 20, 2010
Affected: 2009.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities has been found and corrected in clamav:

ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file
formats, which allows remote attackers to bypass virus detection via
a crafted archive that is compatible with standard archive utilities
(CVE-2010-0098).

The qtm_decompress function in libclamav/mspack.c in ClamAV before
0.96 allows remote attackers to cause a denial of service (memory
corruption and application crash) via a crafted CAB archive that uses
the Quantum (aka .Q) compression format. NOTE: some of these details
are obtained from third party information (CVE-2010-1311).

This update provides clamav 0.96, which is not vulnerable to these
issues.

Update:

Packages for 2009.0 are provided due to the Extended Maintenance
Program.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1311
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2009.0:
a548c8f4cf47f691f9b5b997ad76487a 2009.0/i586/clamav-0.96-0.1mdv2009.0.i586.rpm
8044c43d2496d16e13a80da34d604ea1 2009.0/i586/clamav-db-0.96-0.1mdv2009.0.i586.rpm
36891e225982d0f5642bec992799a0ad 2009.0/i586/clamav-milter-0.96-0.1mdv2009.0.i586.rpm
dfedaf40bc94b20628d61226eefd6854 2009.0/i586/clamd-0.96-0.1mdv2009.0.i586.rpm
731d2fbfc45ff8caa4d439ca1940fa09 2009.0/i586/libclamav6-0.96-0.1mdv2009.0.i586.rpm
0ed16a2464b523f584ff58894f364c09 2009.0/i586/libclamav-devel-0.96-0.1mdv2009.0.i586.rpm
72dccb903ebd1b09db844f8e5a75a8a2 2009.0/SRPMS/clamav-0.96-0.1mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
e2f407f26502f7ccd21968aa9b4f6a36 2009.0/x86_64/clamav-0.96-0.1mdv2009.0.x86_64.rpm
37a81ac854348cb326a9d079654130ec 2009.0/x86_64/clamav-db-0.96-0.1mdv2009.0.x86_64.rpm
9c6ed0a8019ea9c8b48dc2b73566a4e4 2009.0/x86_64/clamav-milter-0.96-0.1mdv2009.0.x86_64.rpm
94e53fc62e5636965fb42a5964966b6c 2009.0/x86_64/clamd-0.96-0.1mdv2009.0.x86_64.rpm
f3c9d760c623e2713ffb07b29d2d1474 2009.0/x86_64/lib64clamav6-0.96-0.1mdv2009.0.x86_64.rpm
a30754b6315274b7ee8536312950ba2a 2009.0/x86_64/lib64clamav-devel-0.96-0.1mdv2009.0.x86_64.rpm
72dccb903ebd1b09db844f8e5a75a8a2 2009.0/SRPMS/clamav-0.96-0.1mdv2009.0.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFL9RVOmqjQ0CJFipgRAiEeAJ4iYUdcDRSWIcbBWJdZLiT1EZdGcQCffPIY
J8hvGDL5lC4XYBKkR8pBm2I=
=bMG7
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close