exploit the possibilities
Showing 1 - 9 of 9 RSS Feed

CVE-2018-0360

Status Candidate

Overview

ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.

Related Files

Gentoo Linux Security Advisory 201904-12
Posted Apr 8, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201904-12 - Multiple vulnerabilities have been found in ClamAV, the worst of which could result in a Denial of Service condition. Versions less than 0.101.2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2018-0360, CVE-2018-0361, CVE-2018-15378, CVE-2019-1785, CVE-2019-1786, CVE-2019-1787, CVE-2019-1788, CVE-2019-1789, CVE-2019-1798
MD5 | fce183a1f782d7c3380b0d8e3dca9a41
Ubuntu Security Notice USN-3722-6
Posted Sep 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-6 - USN-3722-1 fixed vulnerabilities in ClamAV. The new package introduced an issue which caused dpkg-reconfigure to enter an infinite loop. This update fixes the problem. It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
MD5 | ec7521f93e9159072a1a7b2ea975f236
Ubuntu Security Notice USN-3722-5
Posted Sep 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-5 - USN-3722-1 fixed vulnerabilities in ClamAV. The new package introduced an issue which caused dpkg-reconfigure to enter an infinite loop. This update fixes the problem. It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing certain PDF files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
MD5 | d68dff56e88be3c2285c478118e4ff05
Ubuntu Security Notice USN-3722-3
Posted Jul 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-3 - USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version removed some configuration options which caused the daemon to fail to start in environments where the ClamAV configuration file was manually edited. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
MD5 | 7272d25ace6b15017b495dcdc09f7b09
Ubuntu Security Notice USN-3722-4
Posted Jul 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-4 - USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version removed some configuration options which caused the daemon to fail to start in environments where the ClamAV configuration file was manually edited. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
MD5 | c328bb4a32f040f5fe742f79aebb2bf8
Ubuntu Security Notice USN-3722-1
Posted Jul 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-1 - It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing certain PDF files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
MD5 | 4beac8f3df61ae10d6defa8a0f414696
Ubuntu Security Notice USN-3722-2
Posted Jul 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-2 - USN-3722-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
MD5 | cfa43d66e2ea6fbfe09c503cbfa033d2
Clam AntiVirus parsehwp3_paragraph() Denial Of Service
Posted Jul 13, 2018
Authored by Laurent Delosieres | Site secunia.com

Secunia Research has discovered a vulnerability in Clam AntiVirus, which can be exploited by malicious people to cause a DoS (Denial of Service). An integer overflow error within the "parsehwp3_paragraph()" function (libclamav/hwp.c) can be exploited to trigger an infinite loop via a specially crafted Hangul Word Processor file. The vulnerability is confirmed in version 0.100.0 and reported in versions prior to 0.100.1.

tags | advisory, denial of service, overflow
advisories | CVE-2018-0360
MD5 | 87cd959e1b15b6694588286356c9349c
Clam AntiVirus Toolkit 0.100.1
Posted Jul 9, 2018
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: ClamAV 0.100.1 is a hotfix release to patch a set of vulnerabilities.
tags | tool, virus
systems | unix
advisories | CVE-2017-16932, CVE-2018-0360, CVE-2018-0361
MD5 | 0f653df0480eebcd828939e8db9f0443
Page 1 of 1
Back1Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close