Info

Disclosure

Jul 24, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

A remote overflow exists in Clam AntiVirus. Clam AntiVirus fails to perform adequate boundary check in libclamav/tnef.c, resulting in a heap overflow. With a specially crafted request, an attacker can gain privileges equal to those of the Clam AntiVirus process, possibly allowing for a remote system compromise.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified

Solution

Upgrade to version 0.86.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Clam AntiVirus	Clam AntiVirus	0.86.1
		0.85.x
		0.84.x
		0.83.x
		0.82.x
		0.81.x
		0.80.x
		0.75.x
		0.74.x
		0.73.x
		0.72.x
		0.71.x
		0.70.x

References

Security Tracker: 1014567
Secunia Advisory ID: 16180 16229 16250 16296 16458
Related OSVDB ID: 18258 18259
CVE ID: 2005-2450 (see also: NVD)
Keyword: email integer overflow
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-07/0547.html
Other Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000987
http://frontal1.mandriva.com/security/advisories?name=MDKSA-2005:125
http://www.debian.org/security/2005/dsa-776
http://www.gentoo.org/security/en/glsa/glsa-200507-25.xml
http://www.rem0te.com/public/images/clamav.pdf
Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=344514

Credit

Neel Mehta - -
Alex Wheeler - advisorieshustlelabs.com - Hustle Labs

Direct URL: http://osvdb.org/18257