LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: August 25th, 2014
Linux Advisory Watch: August 15th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Updated clamav packages fix vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A vulnerability was discovered in ClamAV and corrected with the 0.93.1 release: libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. (CVE-2008-2713) Other bugs have also been corrected in 0.93.1 which is being provided with this update.
 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDVSA-2008:122
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : clamav
 Date    : June 24, 2008
 Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 A vulnerability was discovered in ClamAV and corrected with the
 0.93.1 release:
 
 libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers
 to cause a denial of service via a crafted Petite file that triggers
 an out-of-bounds read. (CVE-2008-2713)
 
 Other bugs have also been corrected in 0.93.1 which is being provided
 with this update.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2713
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.1:
 d6e6d5fd080ce50027ef69af38f44a50  2007.1/i586/clamav-0.93.1-1.1mdv2007.1.i586.rpm
 91e412d5f2b30b49fddb09104ddf6bad  2007.1/i586/clamav-db-0.93.1-1.1mdv2007.1.i586.rpm
 c396b6cced87ba57938da86a79e63469  2007.1/i586/clamav-milter-0.93.1-1.1mdv2007.1.i586.rpm
 d79020b041aa6a7956348c799f0e0f8b  2007.1/i586/clamd-0.93.1-1.1mdv2007.1.i586.rpm
 b4c74f702d97e569c4ac3350b5216246  2007.1/i586/libclamav4-0.93.1-1.1mdv2007.1.i586.rpm
 9481877bd226e02ea263df47535d685f  2007.1/i586/libclamav-devel-0.93.1-1.1mdv2007.1.i586.rpm 
 bfeb68ce738cc1c44c89e2e84774a7f6  2007.1/SRPMS/clamav-0.93.1-1.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 dc70398b743d54094b2c9307686de01d  2007.1/x86_64/clamav-0.93.1-1.1mdv2007.1.x86_64.rpm
 5860690f58edb1c7f0a78a46fbb881ed  2007.1/x86_64/clamav-db-0.93.1-1.1mdv2007.1.x86_64.rpm
 a23d6ad5a58dab98d12c93e95d1fdfe9  2007.1/x86_64/clamav-milter-0.93.1-1.1mdv2007.1.x86_64.rpm
 e3be58ba2ce45b05274471a177ef2c6b  2007.1/x86_64/clamd-0.93.1-1.1mdv2007.1.x86_64.rpm
 0f747e4fe79afc573c739cfc4fba3604  2007.1/x86_64/lib64clamav4-0.93.1-1.1mdv2007.1.x86_64.rpm
 d7e202d2f083f1a7672380486eddb63f  2007.1/x86_64/lib64clamav-devel-0.93.1-1.1mdv2007.1.x86_64.rpm 
 bfeb68ce738cc1c44c89e2e84774a7f6  2007.1/SRPMS/clamav-0.93.1-1.1mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 58ebbfd98e8a588581fe00ecb872fc27  2008.0/i586/clamav-0.93.1-1.1mdv2008.0.i586.rpm
 33b0fdde3505f6a3e64790ae8d49c131  2008.0/i586/clamav-db-0.93.1-1.1mdv2008.0.i586.rpm
 318c705eadeb8d0ae72fb997b1b652d9  2008.0/i586/clamav-milter-0.93.1-1.1mdv2008.0.i586.rpm
 a5bcba636bc5a0abb93a6bb62f9666dc  2008.0/i586/clamd-0.93.1-1.1mdv2008.0.i586.rpm
 36fe2a64f4dd63b6787587cee1d2f6d7  2008.0/i586/libclamav4-0.93.1-1.1mdv2008.0.i586.rpm
 64e7f239d476d967e744ec98e8bbaaaf  2008.0/i586/libclamav-devel-0.93.1-1.1mdv2008.0.i586.rpm 
 31794216eeb43c8acde7f66c3c90a407  2008.0/SRPMS/clamav-0.93.1-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 841b6933ced6c1bcb4d8df1fe09d9e30  2008.0/x86_64/clamav-0.93.1-1.1mdv2008.0.x86_64.rpm
 773e720c69159676e8187f132c447a51  2008.0/x86_64/clamav-db-0.93.1-1.1mdv2008.0.x86_64.rpm
 1473b1bd46f2d266b9b426cc08c3bd11  2008.0/x86_64/clamav-milter-0.93.1-1.1mdv2008.0.x86_64.rpm
 67665907f1716da0c3d4e31728d2a26d  2008.0/x86_64/clamd-0.93.1-1.1mdv2008.0.x86_64.rpm
 5706994b50ed7b5703b1b455b91d1ee1  2008.0/x86_64/lib64clamav4-0.93.1-1.1mdv2008.0.x86_64.rpm
 cfa7bd1e44c43ecdece379b08baa42d5  2008.0/x86_64/lib64clamav-devel-0.93.1-1.1mdv2008.0.x86_64.rpm 
 31794216eeb43c8acde7f66c3c90a407  2008.0/SRPMS/clamav-0.93.1-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 bfb1edc3b761c6d630fb1e4bc5a21684  2008.1/i586/clamav-0.93.1-1.1mdv2008.1.i586.rpm
 0b2bde219f099d8ee612b6ba3578b729  2008.1/i586/clamav-db-0.93.1-1.1mdv2008.1.i586.rpm
 c7a28b464db932b55ee6ea2b37ffa801  2008.1/i586/clamav-milter-0.93.1-1.1mdv2008.1.i586.rpm
 f5516462a89259bb2720872cbff8a773  2008.1/i586/clamd-0.93.1-1.1mdv2008.1.i586.rpm
 4075f7b927cc5a2782170fa189d4061c  2008.1/i586/libclamav4-0.93.1-1.1mdv2008.1.i586.rpm
 b2cac58aa4c6fa30f51f253a1d76d73c  2008.1/i586/libclamav-devel-0.93.1-1.1mdv2008.1.i586.rpm 
 bbcef70312d273a5d64396f547a1b267  2008.1/SRPMS/clamav-0.93.1-1.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 25954d96b34972f1eff9f8d5d6131070  2008.1/x86_64/clamav-0.93.1-1.1mdv2008.1.x86_64.rpm
 7f80d7579e298971e218a2b7c55fadd1  2008.1/x86_64/clamav-db-0.93.1-1.1mdv2008.1.x86_64.rpm
 d7b71a1ac5d4776175f54085843e86ff  2008.1/x86_64/clamav-milter-0.93.1-1.1mdv2008.1.x86_64.rpm
 417cc63a86c768f3746c61c6ac2ec756  2008.1/x86_64/clamd-0.93.1-1.1mdv2008.1.x86_64.rpm
 897c52373d843fd8d6913b190008755d  2008.1/x86_64/lib64clamav4-0.93.1-1.1mdv2008.1.x86_64.rpm
 53498a5bcac565ef5bde747fb777a02f  2008.1/x86_64/lib64clamav-devel-0.93.1-1.1mdv2008.1.x86_64.rpm 
 bbcef70312d273a5d64396f547a1b267  2008.1/SRPMS/clamav-0.93.1-1.1mdv2008.1.src.rpm

 Corporate 3.0:
 f0dba56ce30fe45c3182fef7aabeb78a  corporate/3.0/i586/clamav-0.93.1-0.1.C30mdk.i586.rpm
 b2b6b6e8115fb26f1dcbf5d91c964c43  corporate/3.0/i586/clamav-db-0.93.1-0.1.C30mdk.i586.rpm
 8d9abd25a8a10f1a997371773643baae  corporate/3.0/i586/clamav-milter-0.93.1-0.1.C30mdk.i586.rpm
 19180f2835b6fc0d45bc141a71c16f5e  corporate/3.0/i586/clamd-0.93.1-0.1.C30mdk.i586.rpm
 f5fd464df26d56eef9871e389e303961  corporate/3.0/i586/libclamav4-0.93.1-0.1.C30mdk.i586.rpm
 45018ae43f0ae03f792c92ff9a461063  corporate/3.0/i586/libclamav-devel-0.93.1-0.1.C30mdk.i586.rpm 
 c04af720f4cd7977ce56fd8df74aa760  corporate/3.0/SRPMS/clamav-0.93.1-0.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 7c90dbfd62be67c5b80a66851c850115  corporate/3.0/x86_64/clamav-0.93.1-0.1.C30mdk.x86_64.rpm
 9de87454215778b01cf19d28c7f12455  corporate/3.0/x86_64/clamav-db-0.93.1-0.1.C30mdk.x86_64.rpm
 44fa657f08f4002c57a6e285a707fe9a  corporate/3.0/x86_64/clamav-milter-0.93.1-0.1.C30mdk.x86_64.rpm
 dc400142582e2a71c457b5ebc0910d7d  corporate/3.0/x86_64/clamd-0.93.1-0.1.C30mdk.x86_64.rpm
 6b1b886bc76a5d74bbce14b940cfc041  corporate/3.0/x86_64/lib64clamav4-0.93.1-0.1.C30mdk.x86_64.rpm
 38209d7e42fee1ed11b546d3051e9469  corporate/3.0/x86_64/lib64clamav-devel-0.93.1-0.1.C30mdk.x86_64.rpm 
 c04af720f4cd7977ce56fd8df74aa760  corporate/3.0/SRPMS/clamav-0.93.1-0.1.C30mdk.src.rpm

 Corporate 4.0:
 60f05b344ae9cce445e0dca85ab2c81e  corporate/4.0/i586/clamav-0.93.1-0.1.20060mlcs4.i586.rpm
 bf703aa241b7f4b6bb6d8c7c3ebe3ea1  corporate/4.0/i586/clamav-db-0.93.1-0.1.20060mlcs4.i586.rpm
 380accf13269177a90345c43f5747493  corporate/4.0/i586/clamav-milter-0.93.1-0.1.20060mlcs4.i586.rpm
 f07c62afc0fae6bef7b70c1a8ff41bff  corporate/4.0/i586/clamd-0.93.1-0.1.20060mlcs4.i586.rpm
 c320f5224c4c58a7cbc4e089c6ccd23c  corporate/4.0/i586/libclamav4-0.93.1-0.1.20060mlcs4.i586.rpm
 85bf45fcda26e4604c805dda06525949  corporate/4.0/i586/libclamav-devel-0.93.1-0.1.20060mlcs4.i586.rpm 
 4aed1ebe1a76e5ab5b82f7a473089f16  corporate/4.0/SRPMS/clamav-0.93.1-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 4ec940e0deecd0ee8e1d40e6e3677f7e  corporate/4.0/x86_64/clamav-0.93.1-0.1.20060mlcs4.x86_64.rpm
 93b41555ee924c7d121e2c1bf45cd197  corporate/4.0/x86_64/clamav-db-0.93.1-0.1.20060mlcs4.x86_64.rpm
 704f979eb6e9685ea75e3b4f68006cd9  corporate/4.0/x86_64/clamav-milter-0.93.1-0.1.20060mlcs4.x86_64.rpm
 6d77b053863261b147cfbba7a769cedc  corporate/4.0/x86_64/clamd-0.93.1-0.1.20060mlcs4.x86_64.rpm
 6920e123961a36b004938ba3356a3875  corporate/4.0/x86_64/lib64clamav4-0.93.1-0.1.20060mlcs4.x86_64.rpm
 a63edc2a6f9e36bdfb372baa0c2eab99  corporate/4.0/x86_64/lib64clamav-devel-0.93.1-0.1.20060mlcs4.x86_64.rpm 
 4aed1ebe1a76e5ab5b82f7a473089f16  corporate/4.0/SRPMS/clamav-0.93.1-0.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.