copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Training
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login

  Home » Security Bul... » By Operating... » UNIX (all) » Solaris » ESB-2006.0899 -- [Win][UNIX/Linux][Debian] -- New cl...
 

ESB-2006.0899 -- [Win][UNIX/Linux][Debian] -- New clamav packages fix denial of service
Date: 11 December 2006

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                ESB-2006.0899 -- [Win][UNIX/Linux][Debian]
                 New clamav packages fix denial of service
                             11 December 2006

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              clamav
Publisher:            Debian
Operating System:     Debian GNU/Linux 3.1
                      UNIX variants (UNIX, Linux, OSX)
                      Windows
Impact:               Denial of Service
Access:               Remote/Unauthenticated
CVE Names:            CVE-2006-5874

Original Bulletin:    http://www.debian.org/security/2006/dsa-1232

Comment: This advisory references vulnerabilities in products which run on
         platforms other than Debian. It is recommended that administrators
         running clamav check for an updated version of the software for
         their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1232-1                    security@debian.org
http://www.debian.org/security/                         Moritz Muehlenhoff
December 9th, 2006                      http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : clamav
Vulnerability  : missing sanity checks
Problem-Type   : remote
Debian-specific: no
CVE ID         : CVE-2006-5874

Stephen Gran discovered that malformed base64-encoded MIME attachments
can lead to denial of service through a null pointer dereference.

For the stable distribution (sarge) this problem has been fixed in
version 0.84-2.sarge.12.

For the upcoming stable distribution (etch) this problem has been
fixed in version 0.86-1.

For the unstable distribution (sid) this problem has been fixed in
version 0.86-1.

We recommend that you upgrade your clamav package.


Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12.dsc
      Size/MD5 checksum:      874 5b916037233c2d9d181ea83f1d42d712
    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12.diff.gz
      Size/MD5 checksum:   177238 a782b435ee944e318fc88c4a0cdb67b2
    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84.orig.tar.gz
      Size/MD5 checksum:  4006624 c43213da01d510faf117daa9a4d5326c

  Architecture independent components:

    http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.84-2.sarge.12_all.deb
      Size/MD5 checksum:   154928 b32d2d2ece27947abc7b7c6330abf2b1
    http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.84-2.sarge.12_all.deb
      Size/MD5 checksum:   694464 eb184049df134a9006667e6785c24c25
    http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.84-2.sarge.12_all.deb
      Size/MD5 checksum:   123944 62365dceb1d3080f1164ce0a972fdf25

  Alpha architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_alpha.deb
      Size/MD5 checksum:    74764 be1106a34f9f141c035e5944b515d698
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_alpha.deb
      Size/MD5 checksum:    48832 16c19937df6b1e662518667bf0d0ee6f
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_alpha.deb
      Size/MD5 checksum:  2176478 42c9a257d406924bd2fcac05be372969
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_alpha.deb
      Size/MD5 checksum:    42112 19cf2cd6d553eba10a02ff592c12c94a
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_alpha.deb
      Size/MD5 checksum:   255854 038f4ce242d6db3705a8baf832e0e12f
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_alpha.deb
      Size/MD5 checksum:   285746 c0d001b91c29d95bd53737b2d7b5c547

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_amd64.deb
      Size/MD5 checksum:    68848 c0e28ed5358d1f5ebff13d61d6eb1eb4
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_amd64.deb
      Size/MD5 checksum:    44184 c88134266b22681595f3c7ed12334a4f
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_amd64.deb
      Size/MD5 checksum:  2173274 64577d98f3d80cfc1e6e74ff4d81fcd5
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_amd64.deb
      Size/MD5 checksum:    39996 b463aded3ec3448e8a577674cc257c31
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_amd64.deb
      Size/MD5 checksum:   176586 eeb2004aab6cc21d10384e5ca036a87c
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_amd64.deb
      Size/MD5 checksum:   259932 870f959c30fe9e7bcf48deac7fd6759b

  ARM architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_arm.deb
      Size/MD5 checksum:    63922 29edcdab52e56c2b72af6af97ca0c768
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_arm.deb
      Size/MD5 checksum:    39584 a8afdb2046b166a1b1f5b8a3e9b82e5e
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_arm.deb
      Size/MD5 checksum:  2171286 d8537b008fbb7bf022af9c388fd3e4ac
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_arm.deb
      Size/MD5 checksum:    37322 fd8f26bcf782fefba3c5a0530dcf2ec2
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_arm.deb
      Size/MD5 checksum:   174942 4e3f425067940ad951c5db80bedb1bde
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_arm.deb
      Size/MD5 checksum:   249834 941fa21a688be04473a079fca7e8a3b4

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_hppa.deb
      Size/MD5 checksum:    68282 2fb841851035efd52fefa7e724d590be
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_hppa.deb
      Size/MD5 checksum:    43280 d3c20fdeb6f4aebaa0dbe8ae90a5d184
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_hppa.deb
      Size/MD5 checksum:  2173744 4d0ea408992b3b0f96e7d17ff167a729
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_hppa.deb
      Size/MD5 checksum:    39452 c9c873ee637518fa15725c8490bf09bc
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_hppa.deb
      Size/MD5 checksum:   202738 457a65fb73cd55814e01dc86fe4e09d8
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_hppa.deb
      Size/MD5 checksum:   283560 80e6985db13798376fa0bd037180347b

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_i386.deb
      Size/MD5 checksum:    65210 e77f2ea59853a44c9de70078084818f7
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_i386.deb
      Size/MD5 checksum:    40316 a6277fe555ed016b66e31a8f12ae5900
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_i386.deb
      Size/MD5 checksum:  2171600 04bed8cc7a6fce37fadb00e7c3de0158
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_i386.deb
      Size/MD5 checksum:    38040 8f2f1d793f711032130b79374a3fe92d
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_i386.deb
      Size/MD5 checksum:   159766 ed10728241f21d9ca16958b69ef2835e
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_i386.deb
      Size/MD5 checksum:   254628 7a3362570c412ce45fef6af9836dc5a9

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_ia64.deb
      Size/MD5 checksum:    81826 d6ce185e7548aca1a6d9d5076dd02c62
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_ia64.deb
      Size/MD5 checksum:    55238 2048e4d1efbd87de9ab0bb0af1aad258
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_ia64.deb
      Size/MD5 checksum:  2180260 a2609594a563da9abfa754d24417a9c2
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_ia64.deb
      Size/MD5 checksum:    49194 017e5a956c866dfbf3fb25ac9ae9af92
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_ia64.deb
      Size/MD5 checksum:   252232 beb80dffdfc1bc355437f40b4694d783
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_ia64.deb
      Size/MD5 checksum:   317956 006317c527eac48b0328d53dab68863f

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_m68k.deb
      Size/MD5 checksum:    62522 7cbb98367bf49fcaaa4e17d740353fa1
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_m68k.deb
      Size/MD5 checksum:    38214 23b7e1072c74ead32b3c4de2732d90a6
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_m68k.deb
      Size/MD5 checksum:  2170512 24a34375e8aa0391b57695751778563c
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_m68k.deb
      Size/MD5 checksum:    35076 0a65ea328e6f2a9b6682dd5124dea45d
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_m68k.deb
      Size/MD5 checksum:   146374 257c0624826096b041dadfc21a722244
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_m68k.deb
      Size/MD5 checksum:   250616 6e80c1cf4c8bb7289e277c74d415e187

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_mips.deb
      Size/MD5 checksum:    67954 d241687159539050660a0b26e65ce420
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_mips.deb
      Size/MD5 checksum:    43788 464b8562f10bcb127cebd37192daaac9
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_mips.deb
      Size/MD5 checksum:  2173044 97ebd82f119d09500a4ff5ccd8c21cef
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_mips.deb
      Size/MD5 checksum:    37672 f39f4ff08d44f7e7994faf23b439af96
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_mips.deb
      Size/MD5 checksum:   195606 a206da343265cb7e8c780544036bd491
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_mips.deb
      Size/MD5 checksum:   257714 3d81be01bbdb7c0d48b4c97c8657c112

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_mipsel.deb
      Size/MD5 checksum:    67560 589421e196e11eb3536a2a8874af7d71
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_mipsel.deb
      Size/MD5 checksum:    43588 4822a893c5c7f476b9991ed8ff9930e1
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_mipsel.deb
      Size/MD5 checksum:  2173000 05c596728ad5d423d841522e5957e6e8
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_mipsel.deb
      Size/MD5 checksum:    37962 432ecd8c78aaa8ce80cd385ad5a4f0d8
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_mipsel.deb
      Size/MD5 checksum:   192076 77ab2250c971bb5f2a787cf904dc1176
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_mipsel.deb
      Size/MD5 checksum:   255302 b2806442ee7af4103edec95f86ed4bec

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_powerpc.deb
      Size/MD5 checksum:    69294 f737048437ce5bfc2843d757005bf902
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_powerpc.deb
      Size/MD5 checksum:    44670 fc9c04bd42f2b377c85e1ca40c2889ba
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_powerpc.deb
      Size/MD5 checksum:  2173674 a4b694e07e459765d2ba80471b83ef28
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_powerpc.deb
      Size/MD5 checksum:    38876 0af124304eac3624be255d4e92dbc32b
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_powerpc.deb
      Size/MD5 checksum:   187746 7b632f5ce2a16725010d83847031c992
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_powerpc.deb
      Size/MD5 checksum:   265086 a81c89ca24d3fba3204278ec33ee3f2e

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_s390.deb
      Size/MD5 checksum:    67892 9c6d6f8d31cfe729b0f14dc91f0111ed
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_s390.deb
      Size/MD5 checksum:    43564 8f0b63348907e2a45b905c6c631a53a4
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_s390.deb
      Size/MD5 checksum:  2172966 ac148963f872e961a99bda672d38bde4
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_s390.deb
      Size/MD5 checksum:    38910 f9bc46b646faacf26f825aac7afd35f5
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_s390.deb
      Size/MD5 checksum:   182718 cdce561be2f6cb23b1b29d834b2abac7
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_s390.deb
      Size/MD5 checksum:   269694 168fdcd3e7231fac67facaffdbd30744

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_sparc.deb
      Size/MD5 checksum:    64428 fc678da4d6ff9a60f1d0118857025c34
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_sparc.deb
      Size/MD5 checksum:    39472 59309047f49d149d61dcaa64a7c1d261
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_sparc.deb
      Size/MD5 checksum:  2171188 793f229374c70ed9f945effccaf4e18e
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_sparc.deb
      Size/MD5 checksum:    36854 24fa5876984aa5e633781edf408dcda1
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_sparc.deb
      Size/MD5 checksum:   175978 2fb86e8253a0f9a3da3bf1101f70168e
    http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_sparc.deb
      Size/MD5 checksum:   265034 2a31297ba3c110c4398c1dd09377e24e


  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFestkXm3vHE4uyloRAlieAJwMPkhURmgTDL437xbZKrxbOk8ibQCfZZJk
1FPy2XOJl4QKiCbYanQgjUI=
=GNUX
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRXyxVih9+71yA2DNAQKiegQAiFezU+jADKx83tC+FNdmgzt7K+sEFIYi
7vqEzDcLJKAqGx/g+y5NVnLdoQSvmI++g/E8EQhPx+cmYRTjOoYrW8Hm/Z7cEsot
4s2S47rKulBnS0ggF2czV4TJgBgQRGvQ9aM2FeFd5mrReeFuTq3WH/35R9PDWQGl
Kv+f3H8HKX4=
=8pZl
-----END PGP SIGNATURE-----




Comments? Click here http://www.auscert.org.au/render.html?cid=33&it=7062