diff options
author | Joey Hess <joeyh@debian.org> | 2005-10-19 23:10:21 +0000 |
---|---|---|
committer | Joey Hess <joeyh@debian.org> | 2005-10-19 23:10:21 +0000 |
commit | 20cd29d934ef16cee0a9d683f5ac4233739c1a12 (patch) | |
tree | 0a755eecca326176394c24227671bdb9c379403c /data/DTSA/advs/3-clamav.adv | |
parent | 42d226f0d20fb9aaf7c03c81e97c4a5d25e35e70 (diff) |
update references to CANs to be CVEs and complete CVE transition
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@2462 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'data/DTSA/advs/3-clamav.adv')
-rw-r--r-- | data/DTSA/advs/3-clamav.adv | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/data/DTSA/advs/3-clamav.adv b/data/DTSA/advs/3-clamav.adv index 141a38ea5e..1a92f84f5c 100644 --- a/data/DTSA/advs/3-clamav.adv +++ b/data/DTSA/advs/3-clamav.adv @@ -4,40 +4,40 @@ author: Joey Hess vuln-type: denial of service and privilege escalation problem-scope: remote debian-specific: no -cve: CAN-2005-2070 CAN-2005-1923 CAN-2005-2056 CAN-2005-1922 CAN-2005-2450 +cve: CVE-2005-2070 CVE-2005-1923 CVE-2005-2056 CVE-2005-1922 CVE-2005-2450 testing-fix: 0.86.2-4etch1 sid-fix: 0.86.2-1 upgrade: apt-get upgrade Multiple security holes were found in clamav: -CAN-2005-2070 +CVE-2005-2070 The ClamAV Mail fILTER (clamav-milter), when used in Sendmail using long timeouts, allows remote attackers to cause a denial of service by keeping an open connection, which prevents ClamAV from reloading. -CAN-2005-1923 +CVE-2005-1923 The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff, which causes a zero-length read. -CAN-2005-2056 +CVE-2005-2056 The Quantum archive decompressor in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (application crash) via a crafted Quantum archive. -CAN-2005-1922 +CVE-2005-1922 The MS-Expand file handling in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function. -CAN-2005-2450 +CVE-2005-2450 Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file format processors in libclamav for Clam AntiVirus (ClamAV) allow remote |