what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2008-2713

Status Candidate

Overview

libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.

Related Files

Gentoo Linux Security Advisory 200808-7
Posted Aug 8, 2008
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200808-07 - Damian Put has discovered an out-of-bounds memory access while processing Petite files (CVE-2008-2713, CVE-2008-3215). Also, please note that the 0.93 ClamAV branch fixes the first of the two attack vectors of CVE-2007-6595 concerning an insecure creation of temporary files vulnerability. The sigtool attack vector seems still unfixed. Versions less than 0.93.3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2007-6595, CVE-2008-2713, CVE-2008-3215
SHA-256 | 72e5ff72652f3e908577cc6bcfb0e2b935ef32a1138deaa2c92eaaa5dc59473b
Debian Linux Security Advisory 1616-2
Posted Jul 28, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1616-2 - This update corrects a packaging and build error in the packages released in DSA-1616-1. Those packages, while functional, did not actually apply the fix intended. This update restores the fix to the package build; no other changes are introduced. Damian Put discovered a vulnerability in the ClamAV anti-virus toolkit's parsing of Petite-packed Win32 executables. The weakness leads to an invalid memory access, and could enable an attacker to crash clamav by supplying a maliciously crafted Petite-compressed binary for scanning. In some configurations, such as when clamav is used in combination with mail servers, this could cause a system to "fail open," facilitating a follow-on viral attack.

tags | advisory, virus
systems | linux, windows, debian
advisories | CVE-2008-2713
SHA-256 | 51275dc8498a1260ec4a99764c2986c3d3164b4dc36a15ff51cec45f58d14d6a
Debian Linux Security Advisory 1616-1
Posted Jul 24, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1616-1 - Damian Put discovered a vulnerability in the ClamAV anti-virus toolkit's parsing of Petite-packed Win32 executables. The weakness leads to an invalid memory access, and could enable an attacker to crash clamav by supplying a maliciously crafted Petite-compressed binary for scanning. In some configurations, such as when clamav is used in combination with mail servers, this could cause a system to "fail open," facilitating a follow-on viral attack.

tags | advisory, virus
systems | linux, windows, debian
advisories | CVE-2008-2713
SHA-256 | 53d2d5e8934a297dfc89e1f10ffc3e070c9fb65df9d21b132165a4b8f84908d5
Mandriva Linux Security Advisory 2008-122
Posted Jun 24, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2008-2713
SHA-256 | 17bd9bb761ecff369db4fa511c9daeab0f092c0a076ba06f5c71e302cdc39736
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close