Mandriva: Updated clamav packages fix multiple
Posted by Benjamin D. Thomas   
Mandrake Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.93 release, including: ClamAV 0.92 allowed local users to overwrite arbitrary files via a symlink attack on temporary files or on .ascii files in sigtool, when utf16-decode is enabled (CVE-2007-6595). A heap-based buffer overflow in ClamAV 0.92.1 allowed remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary (CVE-2008-0314).
 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDVSA-2008:088
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : clamav
 Date    : April 17, 2008
 Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Multiple vulnerabilities were discovered in ClamAV and corrected with
 the 0.93 release, including:
 
 ClamAV 0.92 allowed local users to overwrite arbitrary files via
 a symlink attack on temporary files or on .ascii files in sigtool,
 when utf16-decode is enabled (CVE-2007-6595).
 
 A heap-based buffer overflow in ClamAV 0.92.1 allowed remote attackers
 to execute arbitrary code via a crafted PeSpin packed PE binary
 (CVE-2008-0314).
 
 An integer overflow in libclamav prior to 0.92.1 allowed remote
 attackers to cause a denial of service and possibly execute arbitrary
 code via a crafted Petite packed PE file, which triggered a heap-based
 buffer overflow (CVE-2008-0318).
 
 An unspecified vulnerability in ClamAV prior to 0.92.1 triggered heap
 corruption (CVE-2008-0728).
 
 A buffer overflow in ClamAV 0.92 and 0.92.1 allowed remote attackers
 to execute arbitrary code via a crafted Upack PE file (CVE-2008-1100).
 
 ClamAV prior to 0.93 allowed remote attackers to cause a denial of
 service (CPU consumption) via a crafted ARJ archive (CVE-2008-1387).
 
 A heap-based buffer overflow in ClamAV 0.92.1 allowed remote attackers
 to execute arbitrary code via a crafted WWPack compressed PE binary
 (CVE-2008-1833).
 
 ClamAV prior to 0.93 allowed remote attackers to bypass the scanning
 engine via a RAR file with an invalid version number (CVE-2008-1835).
 
 A vulnerability in rfc2231 handling in ClamAV prior to 0.93 allowed
 remote attackers to cause a denial of service (crash) via a crafted
 message that produced a string that was not null terminated, triggering
 a buffer over-read (CVE-2008-1836).
 
 A vulnerability in libclamunrar in ClamAV prior to 0.93 allowed remote
 attackers to cause a denial of service (crash) via a crafted RAR file
 (CVE-2008-1837).
 
 Other bugs have also been corrected in 0.93 which is being provided
 with this update.  Because this new version has increased the major
 of the libclamav library, updated dependent packages are also being
 provided.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6595
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0314
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0318
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0728
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1100
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1387
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1833
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1835
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1836
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1837
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.1:
 c05a81dbd14d6c600e832d9381037042  2007.1/i586/clamav-0.93-1.1mdv2007.1.i586.rpm
 db2c84320facc592ffe2c09712b9b971  2007.1/i586/clamav-db-0.93-1.1mdv2007.1.i586.rpm
 3699f176cd5b553fec2c42d3ee8e43a2  2007.1/i586/clamav-milter-0.93-1.1mdv2007.1.i586.rpm
 58e25a7f7c238bfcccf0deb302a154c7  2007.1/i586/clamd-0.93-1.1mdv2007.1.i586.rpm
 365ea7e5fb57bff918f91b7a095972da  2007.1/i586/clamdmon-0.93-1.1mdv2007.1.i586.rpm
 1ed1a2b923cb5b628677063fe1463a4f  2007.1/i586/libclamav4-0.93-1.1mdv2007.1.i586.rpm
 b306ef4cb237f3ae238b2e08c3cca027  2007.1/i586/libclamav-devel-0.93-1.1mdv2007.1.i586.rpm 
 ae5b6bf4ece14eb185ad483b28db3482  2007.1/SRPMS/clamav-0.93-1.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 a314a7aa7623cb8f41268b5325ca08d9  2007.1/x86_64/clamav-0.93-1.1mdv2007.1.x86_64.rpm
 0a7d575891f7557802538686a9db7545  2007.1/x86_64/clamav-db-0.93-1.1mdv2007.1.x86_64.rpm
 612941aaafc892e22a41cad2c36cd20e  2007.1/x86_64/clamav-milter-0.93-1.1mdv2007.1.x86_64.rpm
 4a65cfc7d7a97e05e9e378ab9e0bcf06  2007.1/x86_64/clamd-0.93-1.1mdv2007.1.x86_64.rpm
 45b344ea9cbe23009431a20db3daafaa  2007.1/x86_64/clamdmon-0.93-1.1mdv2007.1.x86_64.rpm
 54e4b12eae908918f6d4af54f0b2d5cc  2007.1/x86_64/lib64clamav4-0.93-1.1mdv2007.1.x86_64.rpm
 43c30707c55ef4c133d1ca2fbb160bb6  2007.1/x86_64/lib64clamav-devel-0.93-1.1mdv2007.1.x86_64.rpm 
 ae5b6bf4ece14eb185ad483b28db3482  2007.1/SRPMS/clamav-0.93-1.1mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 f75515856969d475a2867a6160582620  2008.0/i586/clamav-0.93-1.1mdv2008.0.i586.rpm
 7070d5576d131fea390c83cbdd30333c  2008.0/i586/clamav-db-0.93-1.1mdv2008.0.i586.rpm
 262802e3de79f9533a0b0c62d9d1ee52  2008.0/i586/clamav-milter-0.93-1.1mdv2008.0.i586.rpm
 076a6d8a31fd1619ff1ddef8ffd1bd35  2008.0/i586/clamd-0.93-1.1mdv2008.0.i586.rpm
 26f01fa17c005b3cb13725931ebe13b3  2008.0/i586/clamdmon-0.93-1.1mdv2008.0.i586.rpm
 38bf9968cf43ec266a999dfded7aee93  2008.0/i586/klamav-0.42-1.1mdv2008.0.i586.rpm
 5258cd6add37130c1a57b39f9f267352  2008.0/i586/libclamav4-0.93-1.1mdv2008.0.i586.rpm
 4fe6ee0301ba35592474da4104e397c8  2008.0/i586/libclamav-devel-0.93-1.1mdv2008.0.i586.rpm 
 2c1996c405552074dd62b41709f1813c  2008.0/SRPMS/clamav-0.93-1.1mdv2008.0.src.rpm
 1ebf15643ffcd4529b40bdda43b29ad3  2008.0/SRPMS/klamav-0.42-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 0bc656b56619edac79befcd6ec53c3aa  2008.0/x86_64/clamav-0.93-1.1mdv2008.0.x86_64.rpm
 37f0ef87fea5cd6c308fc08d05424daa  2008.0/x86_64/clamav-db-0.93-1.1mdv2008.0.x86_64.rpm
 e2a67e07d8004edde97885bf72a3691f  2008.0/x86_64/clamav-milter-0.93-1.1mdv2008.0.x86_64.rpm
 5188e9cdded076959750aee1bad9c3bc  2008.0/x86_64/clamd-0.93-1.1mdv2008.0.x86_64.rpm
 17078a967a86b8e2f5040cf5d9c0245c  2008.0/x86_64/clamdmon-0.93-1.1mdv2008.0.x86_64.rpm
 b8ff5180ec750039d7c5f5100bbabebd  2008.0/x86_64/klamav-0.42-1.1mdv2008.0.x86_64.rpm
 195724b3f050dd731a765e59436e9fe4  2008.0/x86_64/lib64clamav4-0.93-1.1mdv2008.0.x86_64.rpm
 6285511ac80b0cac79f6cc2818113097  2008.0/x86_64/lib64clamav-devel-0.93-1.1mdv2008.0.x86_64.rpm 
 2c1996c405552074dd62b41709f1813c  2008.0/SRPMS/clamav-0.93-1.1mdv2008.0.src.rpm
 1ebf15643ffcd4529b40bdda43b29ad3  2008.0/SRPMS/klamav-0.42-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 2291dc10dfa99af51d48b70f03da9fa7  2008.1/i586/clamav-0.93-1.1mdv2008.1.i586.rpm
 e08e441ce02bb89bba6f623732306bd5  2008.1/i586/clamav-db-0.93-1.1mdv2008.1.i586.rpm
 c410e5c2b1a201e06473e815ff4aa158  2008.1/i586/clamav-milter-0.93-1.1mdv2008.1.i586.rpm
 fd7bbda7a9fab54a113480917b3c41da  2008.1/i586/clamd-0.93-1.1mdv2008.1.i586.rpm
 67470d87ea76b57aaf661155488708f1  2008.1/i586/clamdmon-0.93-1.1mdv2008.1.i586.rpm
 23a50fb03269c120caeabe858f59ee7a  2008.1/i586/dansguardian-2.9.9.2-4.1mdv2008.1.i586.rpm
 b46316a4c2fb1ad6003dd40097de6b96  2008.1/i586/klamav-0.42-1.1mdv2008.1.i586.rpm
 4b1801edc1f911495720dacd4cc6bb53  2008.1/i586/libclamav4-0.93-1.1mdv2008.1.i586.rpm
 98fcb6acf0c7798df6d1cb3aa4b56c2f  2008.1/i586/libclamav-devel-0.93-1.1mdv2008.1.i586.rpm 
 a37b7a66fc50ba007970d77d138b7d3e  2008.1/SRPMS/clamav-0.93-1.1mdv2008.1.src.rpm
 ba0171405e2d68adb7d8625537fa2453  2008.1/SRPMS/dansguardian-2.9.9.2-4.1mdv2008.1.src.rpm
 02d57d169add2ffbb1af006449c98826  2008.1/SRPMS/klamav-0.42-1.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 8786af4394da5e00505d3046a5bbd264  2008.1/x86_64/clamav-0.93-1.1mdv2008.1.x86_64.rpm
 0252521a932b5f34dc2ee2c48d65ce9b  2008.1/x86_64/clamav-db-0.93-1.1mdv2008.1.x86_64.rpm
 ebd8402e9726e03fcbd2f590b839b739  2008.1/x86_64/clamav-milter-0.93-1.1mdv2008.1.x86_64.rpm
 fb45839a94f656144a35e7a1d7adeb92  2008.1/x86_64/clamd-0.93-1.1mdv2008.1.x86_64.rpm
 010a98abf987f7af1002d8d4232a1829  2008.1/x86_64/clamdmon-0.93-1.1mdv2008.1.x86_64.rpm
 35e1466c514926807357786f829fe4f3  2008.1/x86_64/dansguardian-2.9.9.2-4.1mdv2008.1.x86_64.rpm
 0dd66bf9cba34d386ebf172de8644b3b  2008.1/x86_64/klamav-0.42-1.1mdv2008.1.x86_64.rpm
 f324ff84c6d88e6777296a9442d07b0d  2008.1/x86_64/lib64clamav4-0.93-1.1mdv2008.1.x86_64.rpm
 089e4aa77ab98bfe8fd1c0e3eb6e3127  2008.1/x86_64/lib64clamav-devel-0.93-1.1mdv2008.1.x86_64.rpm 
 a37b7a66fc50ba007970d77d138b7d3e  2008.1/SRPMS/clamav-0.93-1.1mdv2008.1.src.rpm
 ba0171405e2d68adb7d8625537fa2453  2008.1/SRPMS/dansguardian-2.9.9.2-4.1mdv2008.1.src.rpm
 02d57d169add2ffbb1af006449c98826  2008.1/SRPMS/klamav-0.42-1.1mdv2008.1.src.rpm

 Corporate 3.0:
 802a2269804bc78baf2c88401d24b400  corporate/3.0/i586/clamav-0.93-0.1.C30mdk.i586.rpm
 39576ec6547553eba0db0ed0d9c42607  corporate/3.0/i586/clamav-db-0.93-0.1.C30mdk.i586.rpm
 f7118f0c7fb44ae947b2930727b4997f  corporate/3.0/i586/clamav-milter-0.93-0.1.C30mdk.i586.rpm
 a16b22196f03442625ea857a7a3433ec  corporate/3.0/i586/clamd-0.93-0.1.C30mdk.i586.rpm
 989404f6f255353442f3c0502aada856  corporate/3.0/i586/clamdmon-0.93-0.1.C30mdk.i586.rpm
 124ef95e67b55b9ce9ab1f4811be729e  corporate/3.0/i586/libclamav4-0.93-0.1.C30mdk.i586.rpm
 a5c1051a86e4e32b9ec9c9d572bf5a26  corporate/3.0/i586/libclamav-devel-0.93-0.1.C30mdk.i586.rpm 
 c6bfee93246e9ba87df2bf0e4a7214d9  corporate/3.0/SRPMS/clamav-0.93-0.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 eba7a24e9512a9fba953ad7c149dfc2d  corporate/3.0/x86_64/clamav-0.93-0.1.C30mdk.x86_64.rpm
 607c373dee1c384de55e3c5b82b0944a  corporate/3.0/x86_64/clamav-db-0.93-0.1.C30mdk.x86_64.rpm
 d6276646656d6a3d03bb5e74678f378c  corporate/3.0/x86_64/clamav-milter-0.93-0.1.C30mdk.x86_64.rpm
 1da07994085e84c0950061aa12148a31  corporate/3.0/x86_64/clamd-0.93-0.1.C30mdk.x86_64.rpm
 5c078fd76834ce112782b22effd23605  corporate/3.0/x86_64/clamdmon-0.93-0.1.C30mdk.x86_64.rpm
 73d8f50b2e3b098d5d9e1b6b8bf901a2  corporate/3.0/x86_64/lib64clamav4-0.93-0.1.C30mdk.x86_64.rpm
 9ee5c7d1f10df4538c0977e727f839ce  corporate/3.0/x86_64/lib64clamav-devel-0.93-0.1.C30mdk.x86_64.rpm 
 c6bfee93246e9ba87df2bf0e4a7214d9  corporate/3.0/SRPMS/clamav-0.93-0.1.C30mdk.src.rpm

 Corporate 4.0:
 975e9550292dbff977188da05ea6dd64  corporate/4.0/i586/c-icap-client-210205-5.3.20060mlcs4.i586.rpm
 35c665f9abf63806e3d151d93f282194  corporate/4.0/i586/c-icap-modules-210205-5.3.20060mlcs4.i586.rpm
 45364ecd12c23c512c0c1293d95ba992  corporate/4.0/i586/c-icap-server-210205-5.3.20060mlcs4.i586.rpm
 403db09e526eb4f2a74b7e73e9e538bf  corporate/4.0/i586/clamav-0.93-0.1.20060mlcs4.i586.rpm
 52afc940c587a9cccd24bc441c8e017c  corporate/4.0/i586/clamav-db-0.93-0.1.20060mlcs4.i586.rpm
 f37a5f71e31c1c933eed20146ca84f9d  corporate/4.0/i586/clamav-milter-0.93-0.1.20060mlcs4.i586.rpm
 d0b941d1ac03b72b3042c381dfd0a1c9  corporate/4.0/i586/clamd-0.93-0.1.20060mlcs4.i586.rpm
 5192d4351a69efa83a8a9adb808a6b52  corporate/4.0/i586/clamdmon-0.93-0.1.20060mlcs4.i586.rpm
 724a9e1b6ae07a18a636a10e5c5b7f0f  corporate/4.0/i586/libc-icap0-210205-5.3.20060mlcs4.i586.rpm
 5b373def54bd9bf9664f72f8ff8e235c  corporate/4.0/i586/libc-icap0-devel-210205-5.3.20060mlcs4.i586.rpm
 857bc30e1f4424b67e144788b55de384  corporate/4.0/i586/libclamav4-0.93-0.1.20060mlcs4.i586.rpm
 5fa08b3ed8fe37c7674d9eabe2561dff  corporate/4.0/i586/libclamav-devel-0.93-0.1.20060mlcs4.i586.rpm
 285be2e785be1ceec6b9c35dd0247ddb  corporate/4.0/i586/php-clamav-0.12a-8.3.20060mlcs4.i586.rpm 
 d74e50cb3179f83fe58e63aedf9d5716  corporate/4.0/SRPMS/c-icap-210205-5.3.20060mlcs4.src.rpm
 79a48f32d7b18da918add4cfe33c4372  corporate/4.0/SRPMS/clamav-0.93-0.1.20060mlcs4.src.rpm
 77478e71bb36a4c14412be4b9ae7ada9  corporate/4.0/SRPMS/php-clamav-0.12a-8.3.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 b162f8f3d8119408b6278898c2b74a66  corporate/4.0/x86_64/c-icap-client-210205-5.3.20060mlcs4.x86_64.rpm
 f5572368d453aab6b8caae1c3ff9162a  corporate/4.0/x86_64/c-icap-modules-210205-5.3.20060mlcs4.x86_64.rpm
 02868c974ebd8c8b7457503c105a35e5  corporate/4.0/x86_64/c-icap-server-210205-5.3.20060mlcs4.x86_64.rpm
 d296a9cba6b78e8efd40df7673f76bad  corporate/4.0/x86_64/clamav-0.93-0.1.20060mlcs4.x86_64.rpm
 d8f8d78a35cfc1c2659bad00da841b9c  corporate/4.0/x86_64/clamav-db-0.93-0.1.20060mlcs4.x86_64.rpm
 fa0e00380be1891d72f0bd8a9d50b4fb  corporate/4.0/x86_64/clamav-milter-0.93-0.1.20060mlcs4.x86_64.rpm
 caf8350354766ec9e9addfa890c59a92  corporate/4.0/x86_64/clamd-0.93-0.1.20060mlcs4.x86_64.rpm
 469e48622bc724ee9c91d0db3fbc0be4  corporate/4.0/x86_64/clamdmon-0.93-0.1.20060mlcs4.x86_64.rpm
 2efa92677aeadd30341f16031d87daf9  corporate/4.0/x86_64/lib64c-icap0-210205-5.3.20060mlcs4.x86_64.rpm
 3fed3f44754620265f3321f363b476a9  corporate/4.0/x86_64/lib64c-icap0-devel-210205-5.3.20060mlcs4.x86_64.rpm
 1175e8e9c1270a393973640d9aa9670c  corporate/4.0/x86_64/lib64clamav4-0.93-0.1.20060mlcs4.x86_64.rpm
 a8ed0a65912e7a08a933f50d6b6340a7  corporate/4.0/x86_64/lib64clamav-devel-0.93-0.1.20060mlcs4.x86_64.rpm
 e8748e72f1ef3a66da6c211a02750c3b  corporate/4.0/x86_64/php-clamav-0.12a-8.3.20060mlcs4.x86_64.rpm 
 d74e50cb3179f83fe58e63aedf9d5716  corporate/4.0/SRPMS/c-icap-210205-5.3.20060mlcs4.src.rpm
 79a48f32d7b18da918add4cfe33c4372  corporate/4.0/SRPMS/clamav-0.93-0.1.20060mlcs4.src.rpm
 77478e71bb36a4c14412be4b9ae7ada9  corporate/4.0/SRPMS/php-clamav-0.12a-8.3.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team