blob: 1a92f84f5cedcbddd3f345b981b09fb8e693e7e6 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
source: clamav
date: August 28th, 2005
author: Joey Hess
vuln-type: denial of service and privilege escalation
problem-scope: remote
debian-specific: no
cve: CVE-2005-2070 CVE-2005-1923 CVE-2005-2056 CVE-2005-1922 CVE-2005-2450
testing-fix: 0.86.2-4etch1
sid-fix: 0.86.2-1
upgrade: apt-get upgrade
Multiple security holes were found in clamav:
CVE-2005-2070
The ClamAV Mail fILTER (clamav-milter), when used in Sendmail using long
timeouts, allows remote attackers to cause a denial of service by keeping
an open connection, which prevents ClamAV from reloading.
CVE-2005-1923
The ENSURE_BITS macro in mszipd.c for Clam AntiVirus (ClamAV) allows remote
attackers to cause a denial of service (CPU consumption by infinite loop)
via a cabinet (CAB) file with the cffile_FolderOffset field set to 0xff,
which causes a zero-length read.
CVE-2005-2056
The Quantum archive decompressor in Clam AntiVirus (ClamAV) allows remote
attackers to cause a denial of service (application crash) via a crafted
Quantum archive.
CVE-2005-1922
The MS-Expand file handling in Clam AntiVirus (ClamAV) allows remote
attackers to cause a denial of service (file descriptor and memory
consumption) via a crafted file that causes repeated errors in the
cli_msexpand function.
CVE-2005-2450
Multiple integer overflows in the (1) TNEF, (2) CHM, or (3) FSG file
format processors in libclamav for Clam AntiVirus (ClamAV) allow remote
attackers to gain privileges via a crafted e-mail message.
|