Vigil@nce: ClamAV, two denials of service
April 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can use a malformed TAR or PE file in order to create
two denials of service in ClamAV.
Severity: 2/4
Consequences: denial of service of service
Provenance: document
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 2
Creation date: 06/04/2009
IMPACTED PRODUCTS
– Clam AntiVirus
DESCRIPTION OF THE VULNERABILITY
The ClamAV antivirus implements several file formats in order to
detect a virus hidden inside.
The PE format is used to encode programs under Windows. The
"—detect-broken" option of ClamAV enables the detection of
malformed files. When "—detect-broken" is enabled, a malformed PE
file generates a division by zero in ClamAV. [grav:1/4;
CVE-2008-6680]
A TAR archive can generate an infinite loop in libclamav/untar.c.
[grav:2/4; CVE-2009-1270]
An attacker can therefore use a malformed file in order to create
two denials of service in ClamAV.
CHARACTERISTICS
Identifiers: BID-34357, CVE-2008-6680, CVE-2009-1270, TZO-05-2009,
VIGILANCE-VUL-8600
http://vigilance.fr/vulnerability/ClamAV-two-denials-of-service-8600