Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Debian: New clamav packages fix several vulnerabilities Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Debian Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. It was discovered that the RTF and RFC2397 parsers can be tricked into dereferencing a NULL pointer, resulting in denial of service.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 1366-1                                   Moritz Muehlenhoff
September 1st, 2007           
- --------------------------------------------------------------------------

Package        : clamav
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE ID         : CVE-2007-4510 CVE-2007-4560

Several remote vulnerabilities have been discovered in the Clam anti-virus
toolkit. The Common Vulnerabilities and Exposures project identifies the
following problems:


    It was discovered that the RTF and RFC2397 parsers can be tricked
    into dereferencing a NULL pointer, resulting in denial of service.


    It was discovered clamav-milter performs insufficicient input
    sanitising, resulting in the execution of arbitrary shell commands.

The oldstable distribution (sarge) is only affected by a subset of 
the problems. An update will be provided later.

For the stable distribution (etch) these problems have been fixed
in version 0.90.1-3etch7.

For the unstable distribution (sid) these problems have been fixed in
version 0.91.2-1.

We recommend that you upgrade your clamav packages. 

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
- -------------------------------

  Source archives:
      Size/MD5 checksum:      886 76508137da0c93a144d130323f7eca87
      Size/MD5 checksum:   203232 127d4844eb36f41a52c67d461d554c09
      Size/MD5 checksum: 11643310 cd11c05b5476262eaea4fa3bd7dc25bf

  Architecture independent components:
      Size/MD5 checksum:   201648 4f87137fc2d9dc12ae774ed149c11080
      Size/MD5 checksum:  1003456 a2aacc240716f6da56c9cda24e288af1
      Size/MD5 checksum:   157834 820e470f5c428c599fc174e0fcadc7ee

  Alpha architecture:
      Size/MD5 checksum:   863492 e4bb31adae25ba8270c3a7693a5ac203
      Size/MD5 checksum:   184710 65a6b05e5f59a1373b27524267f81f61
      Size/MD5 checksum:   644772 fc182ead4b1858dd9e295a1e774f13c7
      Size/MD5 checksum:  9303850 fccfb44066fd7028855dd92ac61918ca
      Size/MD5 checksum:   180304 d34adfc21674bfd5f804f4c721aff9d5
      Size/MD5 checksum:   511144 223b48dbd9cb9a4003a67dbba4bf265e
      Size/MD5 checksum:   406406 6bca766fb1a86d0a58793f7f9603dd85

  AMD64 architecture:
      Size/MD5 checksum:   856522 cae033c2c4d2245ed0c3742982f9bb67
      Size/MD5 checksum:   178452 cf29bd7447cfc3163974b60cc29955a1
      Size/MD5 checksum:   638384 11df3244f048ed156ef97d99ddf13ee2
      Size/MD5 checksum:  9301956 ee98e922039c3ae2e58e00fa46f3682f
      Size/MD5 checksum:   177470 a2fc25aecce75dfd7b506bfd852110cd
      Size/MD5 checksum:   386568 6a1f79b33c45bbf7f63361c5bc3e5301
      Size/MD5 checksum:   367274 a313b9e7a274000923f2a4c508ce630d

  ARM architecture:
      Size/MD5 checksum:   852934 030a5f8950c9917033dd4a73e500d177
      Size/MD5 checksum:   171200 c37973b52dbee496410dc338826c89c3
      Size/MD5 checksum:   598014 2e698cb351c2a6821e4cc4a4c4f39d48
      Size/MD5 checksum:  9299226 06ca0c49348eb0deeddac6e1b4d87378
      Size/MD5 checksum:   175344 b38253709f390f65a27363f0d41e14c7
      Size/MD5 checksum:   366618 f555885ad50c5a205bfe52bc5c05bf32
      Size/MD5 checksum:   363474 47905b28d3fa482eb2ba05c08de1f395

  HP Precision architecture:
      Size/MD5 checksum:   857242 7d921dd3dc4d8dc97c8289e6ed2dc56c
      Size/MD5 checksum:   178162 f0e8edeadf8a35002982a166b84f5bd8
      Size/MD5 checksum:   618354 dd56899c90c0826a029ad632fe3d784e
      Size/MD5 checksum:  9303278 352b5455ef66f4faebf1622bba6d6abb
      Size/MD5 checksum:   177404 1d571b923902dfeadab4c4d79485ca24
      Size/MD5 checksum:   432894 5700bd90730816ae355bb969a3a0d726
      Size/MD5 checksum:   405100 8e2345c87a460779a4588a51b5d3d4fa

  Intel IA-32 architecture:
      Size/MD5 checksum:   853954 9cb2105c0b125d06b6cd55c3afc034df
      Size/MD5 checksum:   174810 26e058c602e245cdd93b617a6433f3eb
      Size/MD5 checksum:   604246 9229e00e4fd2f479c4991579527dda05
      Size/MD5 checksum:  9300180 2ea193af166b258bafc507ee39fe5ed5
      Size/MD5 checksum:   175306 a9249b84ddf8381fddaefdad2d838a7e
      Size/MD5 checksum:   367860 d88bcc54abe004b0cac9dace8b1a97cb
      Size/MD5 checksum:   365930 25dfe3b0f5db7fd318f508f981447c5b

  Intel IA-64 architecture:
      Size/MD5 checksum:   878502 6819ecbe6de1e78d7a794bd57be5242c
      Size/MD5 checksum:   201696 b6aad73bb42bc06ebe2c7e7cf6638e8e
      Size/MD5 checksum:   657016 a8700ddde5a27b6e5543c26b94ebaccb
      Size/MD5 checksum:  9315332 5e70f38d3e2c545c2a3a0e886a9d31bf
      Size/MD5 checksum:   191962 096679339d39f00c721efb8b443a4eaa
      Size/MD5 checksum:   521666 d782256097bd91daac7c281bc5b9c04a
      Size/MD5 checksum:   475118 9672c4a0370689ab46e98bbe4b5abdae

  Big endian MIPS architecture:
      Size/MD5 checksum:   854704 4c88a5d9a1dba0a9b1bff65a873b3088
      Size/MD5 checksum:   179932 6eddaad912a230c6b5e8d7b66503a99d
      Size/MD5 checksum:   647356 783a1e4fed71df9f0556616b54cb3a93
      Size/MD5 checksum:  9301594 fc06728c15469aace7857a24f5fc53ee
      Size/MD5 checksum:   175694 1389bf57964bee7e61a49fe148dfd06c
      Size/MD5 checksum:   435530 6ff83829f607222759f9bc74add7b77e
      Size/MD5 checksum:   372356 569d451c407c05823032836b2b44d89c

  Little endian MIPS architecture:
      Size/MD5 checksum:   854664 4d78fb80f34622cfabd610d707b74ed3
      Size/MD5 checksum:   180046 e2a0871e9171da32be01adf62ad1d128
      Size/MD5 checksum:   636224 2476d9168a9dc29ec7c466f87a234dbc
      Size/MD5 checksum:  9301726 91fbb41f97a05431b3a192b7fb1be1ab
      Size/MD5 checksum:   175936 bca774cbae1f58760b3e865189615238
      Size/MD5 checksum:   426980 282f62187b9cd468416f8fd614d4067c
      Size/MD5 checksum:   365596 6a7c6a9c3f466ec1af406bc5c58d8322

  PowerPC architecture:
      Size/MD5 checksum:   857324 71e8777c0bd9373b31bafc1aa00c8be0
      Size/MD5 checksum:   181870 76e72290201ed98010991f3639c6a87e
      Size/MD5 checksum:   637432 d3d0cf8a8288a340ade551737721ddcf
      Size/MD5 checksum:  9302318 7574fcc75525c788c93ff3b28b214458
      Size/MD5 checksum:   176394 9f861a15da4a7d3d460948dce1e97037
      Size/MD5 checksum:   405822 f84a324e6d6101046dce37495a5fc1db
      Size/MD5 checksum:   378474 ec5ab7ea0b45d507ad5ffd0bdd91921b

  IBM S/390 architecture:
      Size/MD5 checksum:   855284 451dd987867f18df691343826ae2f11f
      Size/MD5 checksum:   176424 46cc5eddcc876479e988b9e10e879f8c
      Size/MD5 checksum:   628526 2c75c9e4150a0b8eb0c6446e5d112735
      Size/MD5 checksum:  9300942 04eb856a3a44098ea1e483921e272c46
      Size/MD5 checksum:   177166 52c5cba6197a33b62c912bfddde59782
      Size/MD5 checksum:   401818 b8f39319d247f3aa8077c5cfd308185c
      Size/MD5 checksum:   391486 24119acc8394847bbde1a957449b0f15

  Sun Sparc architecture:
      Size/MD5 checksum:   851414 6da36840b5725d962426971f01e2419c
      Size/MD5 checksum:   172124 0ad57992d8e2538850137a3b9580dfc0
      Size/MD5 checksum:   584052 69fd3f5d67b2a54b1735414184f6a92c
      Size/MD5 checksum:  9298816 2c3e7b1aa338c7fb3d04ce3807ec28bd
      Size/MD5 checksum:   174044 16c23d0e5057d3d852e21ad226601ec2
      Size/MD5 checksum:   389466 45e786e946ddde5fc22c9532a7169f5e
      Size/MD5 checksum:   377484 58b6b3b0d422300d241f406f9985cfa9

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Feds Charged With Stealing Money During Silk Road Investigation
EFF questions US government's software flaw disclosure policy
Hotel Router Vulnerability A Reminder Of Untrusted WiFi Risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.