Info

Disclosure

Feb 09, 2004

Discovery

Feb 09, 2004

Dates

Exploit

Unknown

Solution

Unknown

Description

Clam AntiVirus contains a flaw that may allow a remote denial of service. The issue is triggered when a malformed UUEncoded message is sent, and will result in loss of availability for the service.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Solution: Upgrade
Disclosure: Vendor Verified
OSVDB: Security Software

Solution

Upgrade to version 0.67 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Tomasz Kojm

Clam AntiVirus

0.65

References

Secunia Advisory ID: 10826
ISS X-Force ID: 15077
CVE ID: 2004-0270 (see also: NVD)
Bugtraq ID: 9610
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-02/0216.html
http://marc.theaimsgroup.com/?l=bugtraq&m=107634700823822&w=2
Vendor Specific Solution URL: http://security.gentoo.org/glsa/glsa-200402-07.xml
Vendor URL: http://www.clamav.net/
Vendor Specific News/Changelog Entry: http://www.freebsd.org/cgi/query-pr.cgi?pr=62586

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/3894