LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: July 18th, 2014
Linux Advisory Watch: July 13th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Updated clamav packages fix vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Damian Put discovered an integer overflow in the PE header parser in ClamAV that could be exploited if the ArchiveMaxFileSize option was disabled (CVE-2006-1614).
 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:067
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : clamav
 Date    : April 7, 2006
 Affected: 10.2, 2006.0, Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 Damian Put discovered an integer overflow in the PE header parser in
 ClamAV that could be exploited if the ArchiveMaxFileSize option was
 disabled (CVE-2006-1614).
 
 Format strings in the logging code could possibly lead to the execution
 of arbitrary code (CVE-2006-1615).
 
 David Luyer found that ClamAV could be tricked into an invalid memory
 access in the cli_bitset_set() function, which could lead to a Denial
 of Service (CVE-2006-1630).
 
 This update provides ClamAV 0.88.1 which corrects this issue and also
 fixes some other bugs.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1614
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1615
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1630
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 10.2:
 78af90cdd26037ecc4753cc223ef1b46  10.2/RPMS/clamav-0.88.1-0.1.102mdk.i586.rpm
 386742ea0d3fa49e7d4116c883632c40  10.2/RPMS/clamav-db-0.88.1-0.1.102mdk.i586.rpm
 162bac111e036526638c9556404f84ef  10.2/RPMS/clamav-milter-0.88.1-0.1.102mdk.i586.rpm
 790cae6bca4f206d0d41ccdc9aab4172  10.2/RPMS/clamd-0.88.1-0.1.102mdk.i586.rpm
 f4ec987f6de8dbe0fa0a370a8513576c  10.2/RPMS/libclamav1-0.88.1-0.1.102mdk.i586.rpm
 4cf47fde81840efb4c17e24181587fad  10.2/RPMS/libclamav1-devel-0.88.1-0.1.102mdk.i586.rpm
 4ae4f91cb63670f018c84644685708d1  10.2/SRPMS/clamav-0.88.1-0.1.102mdk.src.rpm

 Mandriva Linux 10.2/X86_64:
 d67ab22811cc7329d889fd2953ff98e4  x86_64/10.2/RPMS/clamav-0.88.1-0.1.102mdk.x86_64.rpm
 1750f5d9e63d9e37a170114cee64fe7f  x86_64/10.2/RPMS/clamav-db-0.88.1-0.1.102mdk.x86_64.rpm
 28310e3fb5eba18cb1312591ee94b747  x86_64/10.2/RPMS/clamav-milter-0.88.1-0.1.102mdk.x86_64.rpm
 afa8503930c109873deb561d0bf19637  x86_64/10.2/RPMS/clamd-0.88.1-0.1.102mdk.x86_64.rpm
 90b6e2108b96abc940309dbdf277c15b  x86_64/10.2/RPMS/lib64clamav1-0.88.1-0.1.102mdk.x86_64.rpm
 53b7e0d8aa707a2679121c1ee3e3a68d  x86_64/10.2/RPMS/lib64clamav1-devel-0.88.1-0.1.102mdk.x86_64.rpm
 4ae4f91cb63670f018c84644685708d1  x86_64/10.2/SRPMS/clamav-0.88.1-0.1.102mdk.src.rpm

 Mandriva Linux 2006.0:
 604deb9acc669892e83889e21003da72  2006.0/RPMS/clamav-0.88.1-0.1.20060mdk.i586.rpm
 130c0cd5592f794dff01c816da87a22c  2006.0/RPMS/clamav-db-0.88.1-0.1.20060mdk.i586.rpm
 c70b05eb926c8de70e8c61404ffe878d  2006.0/RPMS/clamav-milter-0.88.1-0.1.20060mdk.i586.rpm
 744662b01972ca7d4e8cf319778f5e70  2006.0/RPMS/clamd-0.88.1-0.1.20060mdk.i586.rpm
 b33e83e43cf31b1cf8b01d4ae0140cb6  2006.0/RPMS/libclamav1-0.88.1-0.1.20060mdk.i586.rpm
 494e3c588012bb49c7539379a1ed7d04  2006.0/RPMS/libclamav1-devel-0.88.1-0.1.20060mdk.i586.rpm
 ee0dad2e6693a49018772d523b31caf7  2006.0/SRPMS/clamav-0.88.1-0.1.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 9ed21b8dfaf3cc0e97642c01a60cb77e  x86_64/2006.0/RPMS/clamav-0.88.1-0.1.20060mdk.x86_64.rpm
 6c9774f949aa4d6543fe73465fa18fd3  x86_64/2006.0/RPMS/clamav-db-0.88.1-0.1.20060mdk.x86_64.rpm
 7da7ff8ca78611296e2a9deeb13f3c21  x86_64/2006.0/RPMS/clamav-milter-0.88.1-0.1.20060mdk.x86_64.rpm
 0cdd6ea74f17fb4179d86005a0ee74a0  x86_64/2006.0/RPMS/clamd-0.88.1-0.1.20060mdk.x86_64.rpm
 e029708922271f57d28fb04fbfbc670e  x86_64/2006.0/RPMS/lib64clamav1-0.88.1-0.1.20060mdk.x86_64.rpm
 0c6075c66b0fc5aa791d661e4b356f7e  x86_64/2006.0/RPMS/lib64clamav1-devel-0.88.1-0.1.20060mdk.x86_64.rpm
 ee0dad2e6693a49018772d523b31caf7  x86_64/2006.0/SRPMS/clamav-0.88.1-0.1.20060mdk.src.rpm

 Corporate 3.0:
 338f4fde8dc1b3c025a0aafe7e3f1d16  corporate/3.0/RPMS/clamav-0.88.1-0.1.C30mdk.i586.rpm
 0b103f86de58322decb7eab357ae8303  corporate/3.0/RPMS/clamav-db-0.88.1-0.1.C30mdk.i586.rpm
 872ff963443a695f7339925e17751fb4  corporate/3.0/RPMS/clamav-milter-0.88.1-0.1.C30mdk.i586.rpm
 4398815889ab571ef8a88aaa1cd96d0c  corporate/3.0/RPMS/clamd-0.88.1-0.1.C30mdk.i586.rpm
 422f5145947d02532671885b115a6ef6  corporate/3.0/RPMS/libclamav1-0.88.1-0.1.C30mdk.i586.rpm
 8b14d93a15408fb129c66d1395c3595c  corporate/3.0/RPMS/libclamav1-devel-0.88.1-0.1.C30mdk.i586.rpm
 ad723ef00c23c3b8c36be5aee40abb15  corporate/3.0/SRPMS/clamav-0.88.1-0.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 01fd41e817e1d96789b1b9dc43cbd760  x86_64/corporate/3.0/RPMS/clamav-0.88.1-0.1.C30mdk.x86_64.rpm
 434648110ef5603f85049ae02e44b7e4  x86_64/corporate/3.0/RPMS/clamav-db-0.88.1-0.1.C30mdk.x86_64.rpm
 10a1d45e5d53d170112b1698fcdb66ba  x86_64/corporate/3.0/RPMS/clamav-milter-0.88.1-0.1.C30mdk.x86_64.rpm
 c1f38d2e0d753997b096c5e0fbf4f575  x86_64/corporate/3.0/RPMS/clamd-0.88.1-0.1.C30mdk.x86_64.rpm
 b1bd0032ab359f4a25b48675df76e1be  x86_64/corporate/3.0/RPMS/lib64clamav1-0.88.1-0.1.C30mdk.x86_64.rpm
 bc9dfa91d651edaf6957def3c502ec21  x86_64/corporate/3.0/RPMS/lib64clamav1-devel-0.88.1-0.1.C30mdk.x86_64.rpm
 ad723ef00c23c3b8c36be5aee40abb15  x86_64/corporate/3.0/SRPMS/clamav-0.88.1-0.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Home router security holes to be exposed at Def Con 22 hacker meet up
Edward Snowden Calls on Hackers to Help Whistleblowers Leak More Secrets
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.