exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2008-2713

Status Candidate

Overview

libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.

Related Files

Gentoo Linux Security Advisory 200808-7
Posted Aug 8, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200808-07 - Damian Put has discovered an out-of-bounds memory access while processing Petite files (CVE-2008-2713, CVE-2008-3215). Also, please note that the 0.93 ClamAV branch fixes the first of the two attack vectors of CVE-2007-6595 concerning an insecure creation of temporary files vulnerability. The sigtool attack vector seems still unfixed. Versions less than 0.93.3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-6595, CVE-2008-2713, CVE-2008-3215
SHA-256 | 72e5ff72652f3e908577cc6bcfb0e2b935ef32a1138deaa2c92eaaa5dc59473b
Debian Linux Security Advisory 1616-2
Posted Jul 28, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1616-2 - This update corrects a packaging and build error in the packages released in DSA-1616-1. Those packages, while functional, did not actually apply the fix intended. This update restores the fix to the package build; no other changes are introduced. Damian Put discovered a vulnerability in the ClamAV anti-virus toolkit's parsing of Petite-packed Win32 executables. The weakness leads to an invalid memory access, and could enable an attacker to crash clamav by supplying a maliciously crafted Petite-compressed binary for scanning. In some configurations, such as when clamav is used in combination with mail servers, this could cause a system to "fail open," facilitating a follow-on viral attack.

tags | advisory, virus
systems | linux, windows, debian
advisories | CVE-2008-2713
SHA-256 | 51275dc8498a1260ec4a99764c2986c3d3164b4dc36a15ff51cec45f58d14d6a
Debian Linux Security Advisory 1616-1
Posted Jul 24, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1616-1 - Damian Put discovered a vulnerability in the ClamAV anti-virus toolkit's parsing of Petite-packed Win32 executables. The weakness leads to an invalid memory access, and could enable an attacker to crash clamav by supplying a maliciously crafted Petite-compressed binary for scanning. In some configurations, such as when clamav is used in combination with mail servers, this could cause a system to "fail open," facilitating a follow-on viral attack.

tags | advisory, virus
systems | linux, windows, debian
advisories | CVE-2008-2713
SHA-256 | 53d2d5e8934a297dfc89e1f10ffc3e070c9fb65df9d21b132165a4b8f84908d5
Mandriva Linux Security Advisory 2008-122
Posted Jun 24, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2008-2713
SHA-256 | 17bd9bb761ecff369db4fa511c9daeab0f092c0a076ba06f5c71e302cdc39736
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close