Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: ClamAV versions up to 0.88.3 DoS - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
ClamAV versions up to 0.88.3 DoS
A Secunia bulletin earlier today alerted us to a potential denial of service in the popular open-source anti-virus package ClamAV.  The vulnerability is in the pefromupx() routine for unpacking a UPX packed PE executable.  The advisory states that all versions up to, and including, 0.88.4 are vulnerable.  The front page of http://www.clamav.net states that the latest stable version is 0.88.4, but the "stable" page only mentions 0.88.3 released last month.  The sourceforge download page lists a clamav-0.88.4.tar.gz (and .sig), but at the time of this writing, actually clicking on the link results in a "file not found" error.  So, it looks like they are scrambling to fix this one and the new version should be available shortly.

---------------------------
Jim Clausing,  jclausing --at-- isc.sans.org
I will be teaching next: Malware Reverse-Engineering Challenge - SANS New York City 2019

Jim

407 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!