Vigil@nce: ClamAV, denials of service
December 2008 by Vigil@nce
An attacker can generate two denials of service on ClamAV.
– Gravity: 2/4
– Consequences: denial of service of service
– Provenance: document
– Means of attack: 1 attack
– Ability of attacker: technician (2/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Number of vulnerabilities in this bulletin: 2
– Creation date: 02/12/2008
IMPACTED PRODUCTS
– Clam AntiVirus
– Debian Linux
– Fedora
– Mandriva Corporate
– Mandriva Linux
DESCRIPTION
An attacker can generate two denials of service on ClamAV.
A JPEG image can generate an infinite recursion in the
cli_check_jpeg_exploit() function of libclamav/special.c, which
stops the daemon. [grav:2/4; CVE-2008-5314]
The cli_html_normalise() function of htmlnorm.c allocates 8200
bytes, but never frees them. An attacker can therefore
progressively use all memory. [grav:1/4]
CHARACTERISTICS
– Identifiers: BID-32555, CVE-2008-5314, DSA 1680-1,
FEDORA-2008-10809, MDVSA-2008:239, VIGILANCE-VUL-8276
– Url: http://vigilance.fr/vulnerability/8276