copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login





 

ESB-2007.0558 -- [Win][UNIX/Linux][Debian] -- New ClamAV packages fix denial of service

Date: 25 July 2007

Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                ESB-2007.0558 -- [Win][UNIX/Linux][Debian]
                 New ClamAV packages fix denial of service
                               25 July 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              ClamAV 0.90 and prior
Publisher:            Debian
Operating System:     UNIX variants (UNIX, Linux, OSX)
                      Windows
                      Debian GNU/Linux 4.0
Impact:               Denial of Service
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-3725

Original Bulletin:    http://www.debian.org/security/2007/dsa-1340

Comment: This advisory references vulnerabilities in products which run on
         platforms other than Debian. It is recommended that administrators
         running ClamAV check for an updated version of the software for
         their operating system.

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1340-1                    security@debian.org
http://www.debian.org/security/                             Martin Schulze
July 24th, 2007                         http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : clamav
Vulnerability  : null pointer dereference
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2007-3725

A NULL pointer dereference has been discovered in the RAR VM of Clam
Antivirus (ClamAV) which allows user-assisted remote attackers to
cause a denial of service via a specially crafted RAR archives.

We are currently unable to provide fixed packages for the MIPS
architectures.  Those packages will be installed in the security
archive when they become available.

The old stable distribution (sarge) is not affected by this problem.

For the stable distribution (etch) this problem has been fixed in
version 0.90.1-3etch4.

For the unstable distribution (sid) this problem has been fixed in
version 0.91-1.

We recommend that you upgrade your clamav packages.


Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 4.0 alias etch
- - -------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4.dsc
      Size/MD5 checksum:      886 4322482c1fb82b108aa43cb9db54efd1
    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4.diff.gz
      Size/MD5 checksum:   201403 a5c2bfc45cc81fd1f85c3bfca605c2eb
    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1.orig.tar.gz
      Size/MD5 checksum: 11643310 cd11c05b5476262eaea4fa3bd7dc25bf

  Architecture independent components:

    http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.90.1-3etch4_all.deb
      Size/MD5 checksum:   201448 cf1df37f823c25b62bb341da58b13cb9
    http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.90.1-3etch4_all.deb
      Size/MD5 checksum:  1003244 fda3003977260e1b5cea1547167d492c
    http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.90.1-3etch4_all.deb
      Size/MD5 checksum:   157626 548abf569b73b094e3807888f2f5038d

  Alpha architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_alpha.deb
      Size/MD5 checksum:   863288 10878c8e050e17086aeea82678293c08
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_alpha.deb
      Size/MD5 checksum:   184482 cc5eca7ca9f6c3d7c9cb64557b975d8b
    http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_alpha.deb
      Size/MD5 checksum:   644222 71b240e73b41ea5a62a2e481c3ed3147
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_alpha.deb
      Size/MD5 checksum:  9303578 91aa4799771e9f6a366a84f8be4a0154
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_alpha.deb
      Size/MD5 checksum:   179638 16cb1cdf55b0f6cc983ef3c224b6ad42
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_alpha.deb
      Size/MD5 checksum:   510846 dfd5016fdaa269c808d1585eeb29b682
    http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_alpha.deb
      Size/MD5 checksum:   406172 76b0ab23e443a074b089e23f63c1b996

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_amd64.deb
      Size/MD5 checksum:   856292 ae79ee69acb68b7edc2938e74df07572
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_amd64.deb
      Size/MD5 checksum:   178250 919ffe6a6d8f087f7c64f561de240dcb
    http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_amd64.deb
      Size/MD5 checksum:   637868 96df7a341a13a1dcfa3726da88270285
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_amd64.deb
      Size/MD5 checksum:  9301706 97194c4ceb5cc69c897becba8509f5c6
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_amd64.deb
      Size/MD5 checksum:   176744 e9870bb2dbb4cae1415e7da8043f6d83
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_amd64.deb
      Size/MD5 checksum:   386328 cb0f86bd159db1925ec39157c345f20e
    http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_amd64.deb
      Size/MD5 checksum:   367102 f79837717dee7f6a9aaa9c1817fed77e

  ARM architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_arm.deb
      Size/MD5 checksum:   851824 9fc5cd7039da4dde8f570720c08fdc99
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_arm.deb
      Size/MD5 checksum:   173452 ce3d61f700ed0607ebb71307928976da
    http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_arm.deb
      Size/MD5 checksum:   597194 f38f065738f1cafba9a3c42922223709
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_arm.deb
      Size/MD5 checksum:  9299488 10799147def77a149669c56346cc287a
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_arm.deb
      Size/MD5 checksum:   174552 e16ae0c225af49669e082239fc39a76c
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_arm.deb
      Size/MD5 checksum:   366682 8a95f23f368df1453b461a3da2c7e23c
    http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_arm.deb
      Size/MD5 checksum:   362572 39aba5c87cc8a8023c512926f095611b

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_hppa.deb
      Size/MD5 checksum:   857062 5fa4607f52271c43e9f277c69ea934f6
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_hppa.deb
      Size/MD5 checksum:   177964 17e85986371220f8bb54a9cd8368309a
    http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_hppa.deb
      Size/MD5 checksum:   617892 c27423a2aa54314d371cd517f52b0c61
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_hppa.deb
      Size/MD5 checksum:  9303060 034452cd5c442565ec7d150ed5b46e06
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_hppa.deb
      Size/MD5 checksum:   176816 27a3c13573a79dc97e7aea6a79c53ef4
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_hppa.deb
      Size/MD5 checksum:   432748 96afeaa27862183bea23b961600d93fe
    http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_hppa.deb
      Size/MD5 checksum:   404838 0573b674780cbc47d19ac0ddcf183496

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_i386.deb
      Size/MD5 checksum:   853720 51d46ae39ed2a720e584b5b52b2d3409
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_i386.deb
      Size/MD5 checksum:   174618 d07358cba9e467fdf2159739016d00a7
    http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_i386.deb
      Size/MD5 checksum:   603774 2987ddb46e82447f8e6e20d33080aa37
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_i386.deb
      Size/MD5 checksum:  9300044 d9f5a5d77235452c19669d71a6a13a93
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_i386.deb
      Size/MD5 checksum:   174752 c863d6372b97823c5cd052b22ade00b0
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_i386.deb
      Size/MD5 checksum:   367668 b1380aa6e0fe222916605f08a89c16f9
    http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_i386.deb
      Size/MD5 checksum:   365686 156a20aba1b91eb24f8a8b668e3a46cd

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_ia64.deb
      Size/MD5 checksum:   878298 2a2420da2db40f69e7654689845fa2b0
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_ia64.deb
      Size/MD5 checksum:   201470 70a6f87e38268e27afd74951851eca94
    http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_ia64.deb
      Size/MD5 checksum:   656106 f92e7ef6ab087b48e264e4628b87a785
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_ia64.deb
      Size/MD5 checksum:  9315074 f72f2a6a7445f23a2ab5652ac79237bc
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_ia64.deb
      Size/MD5 checksum:   191134 f79c94fa3326f59a37546f6e49a25303
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_ia64.deb
      Size/MD5 checksum:   521332 c5a2c75acf87f4e41160ec1e9fd3af72
    http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_ia64.deb
      Size/MD5 checksum:   474822 b5c2e4e6a30d056e05677055d220c283

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_powerpc.deb
      Size/MD5 checksum:   857106 5da0964bfba1524143595c0ea23dfde9
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_powerpc.deb
      Size/MD5 checksum:   181682 9805bff29a56e84a23a904ef1604723c
    http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_powerpc.deb
      Size/MD5 checksum:   636886 5a2a9d659d39f9363b0faa092f0ae32f
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_powerpc.deb
      Size/MD5 checksum:  9302070 0d906d48dd85f6ea63263e0580e55de8
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_powerpc.deb
      Size/MD5 checksum:   175854 2cc7ed815f9882cd268112c4ac8e0aa1
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_powerpc.deb
      Size/MD5 checksum:   405626 aa7a50f217ddb1a2637c79a3e83aad4a
    http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_powerpc.deb
      Size/MD5 checksum:   378180 a14d2b513f173bfbf3ce486b45d383bb

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_s390.deb
      Size/MD5 checksum:   855060 bbf174ba8e4b8185f093a368a4fd3068
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_s390.deb
      Size/MD5 checksum:   176256 08b08bf7eccd915ced8b284af52e2c0b
    http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_s390.deb
      Size/MD5 checksum:   627908 2453d58f7113081a6ba90f45c6448dc0
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_s390.deb
      Size/MD5 checksum:  9300764 19ab312ca93be29295380d0f0f965c97
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_s390.deb
      Size/MD5 checksum:   176424 c2ed7fde9ba790fb495428f318a4c6a7
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_s390.deb
      Size/MD5 checksum:   401622 18ea76e737dfa67aebfd7b62b68dbd94
    http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_s390.deb
      Size/MD5 checksum:   391172 795d593d6bdfcf5cbf16ba692fc54395

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_sparc.deb
      Size/MD5 checksum:   851152 110dd04af9f54ee83c7312e096cd9201
    http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_sparc.deb
      Size/MD5 checksum:   171902 53ce9d7055da42e07f28685a03a52592
    http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_sparc.deb
      Size/MD5 checksum:   584004 c859bae90ea21251b8faa4114eb7b9df
    http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_sparc.deb
      Size/MD5 checksum:  9298608 de87f85e9dd4e74fb3f1b3d85bcb53c0
    http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_sparc.deb
      Size/MD5 checksum:   173534 9cca508f4a123f194872d6c6f8b5af0b
    http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_sparc.deb
      Size/MD5 checksum:   389104 5432b26c75aa4ba4579d0c0eaaa42fdd
    http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_sparc.deb
      Size/MD5 checksum:   377310 0ecb88683024a0cc7ec48f715419cd0e


  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGpakUW5ql+IAeqTIRAqbvAJ9vOXlEgRCXOoveSIztfNE3alRAUwCeN6/Z
ycgTsKuTI/fIPW5ekwqtGGU=
=w//P
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRqbMGih9+71yA2DNAQKp3gP/e2csxcUwuYamHN4/jqASXUNGTN46SOzI
wTu4qgW6h4/iBE2dxjj/H9qB2s98vlh4CzdqZbuLFOovCT2NS3AaGjqgief/E8sP
gNh8Y0zBfWh7MmBasjpwDA2qQN2EJBII6z5duBQeIxUZzVZnARJYddPW1bqy/l8Z
RQ1Mn0AKA88=
=elJC
-----END PGP SIGNATURE-----