Threat Level: green Handler on Duty: Yee Ching Tok

SANS ISC: New Vulnerabilities in ClamAV SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
New Vulnerabilities in ClamAV

Roflek and Lolek of TK53 has published a couple new vulnerabilities in ClamAV. Specifically three vulnerabilities- a race condition, a way to bypass scanning in Base64 UUencoded files, and finally a failure in file existence checking that potentially allows an attacker to overwrite files. It's a good read, full details are here:


68 Posts
Dec 31st 2007

Sign Up for Free or Log In to start participating in the conversation!