Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

ClamAV: Buffer overflow in Freshclam — GLSA 200605-03

Freshclam is vulnerable to a buffer overflow that could lead to execution of arbitrary code.

Affected packages

Package app-antivirus/clamav on all architectures
Affected versions < 0.88.2
Unaffected versions >= 0.88.2

Background

ClamAV is a GPL virus scanner. Freshclam is a utility to download virus signature updates.

Description

Ulf Harnhammar and an anonymous German researcher discovered that Freshclam fails to check the size of the header data returned by a webserver.

Impact

By enticing a user to connect to a malicious webserver an attacker could cause the execution of arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All ClamAV users should upgrade to the latest version: 

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.88.2"

References

Release date
May 02, 2006

Latest revision
May 02, 2006: 01

Severity
normal

Exploitable
remote

Bugzilla entries