ClamAV versions up to 0.88.3 DoS
A Secunia bulletin earlier today alerted us to a potential denial of service in the popular open-source anti-virus package ClamAV. The vulnerability is in the pefromupx() routine for unpacking a UPX packed PE executable. The advisory states that all versions up to, and including, 0.88.4 are vulnerable. The front page of http://www.clamav.net states that the latest stable version is 0.88.4, but the "stable" page only mentions 0.88.3 released last month. The sourceforge download page lists a clamav-0.88.4.tar.gz (and .sig), but at the time of this writing, actually clicking on the link results in a "file not found" error. So, it looks like they are scrambling to fix this one and the new version should be available shortly.
Update: (2006-08-08 00:10) The tarball is available now as is a proof-of-concept.
---------------------------
Jim Clausing, jclausing --at-- isc.sans.org
Update: (2006-08-08 00:10) The tarball is available now as is a proof-of-concept.
---------------------------
Jim Clausing, jclausing --at-- isc.sans.org
Keywords:
0 comment(s)
My next class:
LINUX Incident Response and Threat Hunting | Online | US Eastern | Jan 29th - Feb 3rd 2025 |
×
Diary Archives
Comments