Info

Disclosure

Jun 29, 2005

Discovery

Jun 07, 2005

Dates

Exploit

Unknown

Solution

Unknown

Description

ClamAV contains a flaw that may allow a remote denial of service. The issue is triggered when the ENSURE_BITS() function in the libclamav/mspack/mszipd.c fails to properly validate user supplied input. A remote attacker could send a specially crafted CAB file with a cffile_FolderOffset set to 0xff to cause the program to enter an infinite loop, resulting in a loss of availability of the anti-virus system.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Rumored / Private
Disclosure: OSVDB Verified

Solution

Upgrade to version 0.86 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Tomasz Kojm

ClamAV

0.83

References

FrSIRT Advisory: ADV-2005-0922
Bugtraq ID: 14089
Related OSVDB ID: 17646
Other Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000973
http://www.debian.org/security/2005/dsa-737
http://www.debian.org/security/2005/dsa-773
http://www.idefense.com/application/poi/display?id=275&type=vulnerabilities
ISS X-Force ID: 21204
Secunia Advisory ID: 15859 15919 15938 16413
Mail List Post: http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0082.html
CVE ID: 2005-1923 (see also: NVD)
Security Tracker: 1014332
Vendor URL: http://clamav.sourceforge.net/

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218