Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.811576
Kategorie:Denial of Service
Titel:ClamAV Multiple DoS Vulnerabilities (Aug 2017) - Linux
Zusammenfassung:ClamAV is prone to multiple denial of service (DoS) vulnerabilities.
Beschreibung:Summary:
ClamAV is prone to multiple denial of service (DoS) vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to:

- An improper calidation for CHM file in 'mspack/lzxd.c' script in
libmspack 0.5alpha.

- An improper calidation for CAB file in cabd_read_string function in
'mspack/cabd.c' script in libmspack 0.5alpha.

- An improper validation for e-mail message in 'libclamav/message.c'
script.

- An improper validation for PE file in wwunpack function in
'libclamav/wwunpack.c' script.

Vulnerability Impact:
Successful exploitation will allow a remote
attacker to cause a denial of service or possibly have unspecified other
impact.

Affected Software/OS:
ClamAV version 0.99.2.

Solution:
Update to version 0.99.3-beta1.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: BugTraq ID: 100154
Common Vulnerability Exposure (CVE) ID: CVE-2017-6418
http://www.securityfocus.com/bid/100154
https://security.gentoo.org/glsa/201804-16
https://bugzilla.clamav.net/show_bug.cgi?id=11797
https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_email_crash.md
https://github.com/vrtadmin/clamav-devel/commit/586a5180287262070637c8943f2f7efd652e4a2c
Common Vulnerability Exposure (CVE) ID: CVE-2017-6419
Debian Security Information: DSA-3946 (Google Search)
http://www.debian.org/security/2017/dsa-3946
https://bugzilla.clamav.net/show_bug.cgi?id=11701
https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/heap-overflow/clamav_chm_crash.md
https://github.com/vrtadmin/clamav-devel/commit/a83773682e856ad6529ba6db8d1792e6d515d7f1
https://lists.debian.org/debian-lts-announce/2018/02/msg00014.html
Common Vulnerability Exposure (CVE) ID: CVE-2017-6420
https://bugzilla.clamav.net/show_bug.cgi?id=11798
https://github.com/varsleak/varsleak-vul/blob/master/clamav-vul/use-after-free/clamav-use-after-free-pe.md
https://github.com/vrtadmin/clamav-devel/commit/dfc00cd3301a42b571454b51a6102eecf58407bc
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.