Login
Newsletter
Werbung

Sicherheit: Denial of Service in clamav
Aktuelle Meldungen Distributionen
Name: Denial of Service in clamav
ID: MDKSA-2007:115
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva Corporate 4.0, Mandriva 2007.0, Mandriva 2007.1
Datum: Di, 5. Juni 2007, 04:48
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2650
Applikationen: Clam Antivirus

Originalnachricht

This is a multi-part message in MIME format...

------------=_1181011696-8862-7972


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2007:115
http://www.mandriva.com/security/
_______________________________________________________________________

Package : clamav
Date : June 4, 2007
Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

A vulnerability in the OLE2 parser in ClamAV was found that could
allow a remote attacker to cause a denial of service via resource
consumption with a carefully crafted OLE2 file.

Other vulnerabilities and bugs have also been corrected in 0.90.3
which is being provided with this update.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2650
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2007.0:
8f807a16b18ddd17fdcbbf563f0b225c
2007.0/i586/clamav-0.90.3-0.1mdv2007.0.i586.rpm
afcb2de5f26cc1fc07499cea6e5f4ffd
2007.0/i586/clamav-db-0.90.3-0.1mdv2007.0.i586.rpm
3ea7af875ea79a1efb2aec03e4e70e7e
2007.0/i586/clamav-milter-0.90.3-0.1mdv2007.0.i586.rpm
498a8e05cb31451382562c22dd8c6ca8
2007.0/i586/clamd-0.90.3-0.1mdv2007.0.i586.rpm
90cecf4adbf717672b54e5a18250447d
2007.0/i586/clamdmon-0.90.3-0.1mdv2007.0.i586.rpm
4c2b036b761d67aef27349f3bf6de11d
2007.0/i586/libclamav2-0.90.3-0.1mdv2007.0.i586.rpm
667c354d70642e8663edd469506fb488
2007.0/i586/libclamav2-devel-0.90.3-0.1mdv2007.0.i586.rpm
e472e368da522072b20a7773f4db5d22
2007.0/SRPMS/clamav-0.90.3-0.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
15636a6d8f3fd6537350b0a1b67741c3
2007.0/x86_64/clamav-0.90.3-0.1mdv2007.0.x86_64.rpm
097ede19d694a7f2d8d103bd16f9864b
2007.0/x86_64/clamav-db-0.90.3-0.1mdv2007.0.x86_64.rpm
68ebe1e39a0b25211e6c9dbeddcdefa6
2007.0/x86_64/clamav-milter-0.90.3-0.1mdv2007.0.x86_64.rpm
f0bd264bfdadc816759a438308b82cd7
2007.0/x86_64/clamd-0.90.3-0.1mdv2007.0.x86_64.rpm
30b6eb173aa40c39b6cd191433387a26
2007.0/x86_64/clamdmon-0.90.3-0.1mdv2007.0.x86_64.rpm
5164562d6affcacc64ade14d3acd23cd
2007.0/x86_64/lib64clamav2-0.90.3-0.1mdv2007.0.x86_64.rpm
b86a1162638401a101a08b52689df150
2007.0/x86_64/lib64clamav2-devel-0.90.3-0.1mdv2007.0.x86_64.rpm
e472e368da522072b20a7773f4db5d22
2007.0/SRPMS/clamav-0.90.3-0.1mdv2007.0.src.rpm

Mandriva Linux 2007.1:
378ad782e37e018e1e553d7c351ea358
2007.1/i586/clamav-0.90.3-0.1mdv2007.1.i586.rpm
d083214002090ae15d36c9463c78c29c
2007.1/i586/clamav-db-0.90.3-0.1mdv2007.1.i586.rpm
5316d47473a5c284f40fdb21c08b9d28
2007.1/i586/clamav-milter-0.90.3-0.1mdv2007.1.i586.rpm
ff430af11f2ba37bbcb521f93d71030a
2007.1/i586/clamd-0.90.3-0.1mdv2007.1.i586.rpm
ab9cac6d55dc192b5ffcaa5f356f6821
2007.1/i586/clamdmon-0.90.3-0.1mdv2007.1.i586.rpm
06daf5c409b7931ca02e88f85048225a
2007.1/i586/libclamav2-0.90.3-0.1mdv2007.1.i586.rpm
eb59ec3314ae85a0a2c400d725c1d984
2007.1/i586/libclamav2-devel-0.90.3-0.1mdv2007.1.i586.rpm
22132cc15d14520edd635019d06b874e
2007.1/SRPMS/clamav-0.90.3-0.1mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
03d79b409aa5c87570222a600ac92915
2007.1/x86_64/clamav-0.90.3-0.1mdv2007.1.x86_64.rpm
7cb3f180fa1bfc6cdaae4a7ae4088dc2
2007.1/x86_64/clamav-db-0.90.3-0.1mdv2007.1.x86_64.rpm
850deaafd4bb64b4c6a35772fffbd369
2007.1/x86_64/clamav-milter-0.90.3-0.1mdv2007.1.x86_64.rpm
9f3e3f88497ce3b769f5f6f7e05fd8ca
2007.1/x86_64/clamd-0.90.3-0.1mdv2007.1.x86_64.rpm
6f38934bee43286ecf2b8f7049c6dd1f
2007.1/x86_64/clamdmon-0.90.3-0.1mdv2007.1.x86_64.rpm
94f315377e8f33b936fff253eaa4e847
2007.1/x86_64/lib64clamav2-0.90.3-0.1mdv2007.1.x86_64.rpm
c7c1458f005b09c23bb2affb7b9aae0c
2007.1/x86_64/lib64clamav2-devel-0.90.3-0.1mdv2007.1.x86_64.rpm
22132cc15d14520edd635019d06b874e
2007.1/SRPMS/clamav-0.90.3-0.1mdv2007.1.src.rpm

Corporate 3.0:
d173ea9451a336aa56e834f1cd3d4882
corporate/3.0/i586/clamav-0.90.3-0.1.C30mdk.i586.rpm
2694fbbd622a5b312a523bc16993ff1c
corporate/3.0/i586/clamav-db-0.90.3-0.1.C30mdk.i586.rpm
647afdc7fcec85cc9190e2680b35000c
corporate/3.0/i586/clamav-milter-0.90.3-0.1.C30mdk.i586.rpm
2646c5e3f81c8d0b35229205bbba5344
corporate/3.0/i586/clamd-0.90.3-0.1.C30mdk.i586.rpm
bfd73b522c6d7cda7e7dd995a6e7e79b
corporate/3.0/i586/clamdmon-0.90.3-0.1.C30mdk.i586.rpm
aeca41b4f44f1f7ccbee306816f34259
corporate/3.0/i586/libclamav2-0.90.3-0.1.C30mdk.i586.rpm
78e8398b8f4b8663b0a0684acd6bd938
corporate/3.0/i586/libclamav2-devel-0.90.3-0.1.C30mdk.i586.rpm
3bdca91be114543785b82ff8da904c16
corporate/3.0/SRPMS/clamav-0.90.3-0.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
9d3ee2af6dbb5595bdbb1db33344bda5
corporate/3.0/x86_64/clamav-0.90.3-0.1.C30mdk.x86_64.rpm
22b70bcf86a90f84702f722a5eb5dbf1
corporate/3.0/x86_64/clamav-db-0.90.3-0.1.C30mdk.x86_64.rpm
6b9e3874400f1417318cac606a13bdec
corporate/3.0/x86_64/clamav-milter-0.90.3-0.1.C30mdk.x86_64.rpm
e18e2aab82234f1d6c4441e20fea15f0
corporate/3.0/x86_64/clamd-0.90.3-0.1.C30mdk.x86_64.rpm
0deb01240f12850c04b68e1b664fbb6a
corporate/3.0/x86_64/clamdmon-0.90.3-0.1.C30mdk.x86_64.rpm
e47416fc1e17beb2b99b804181272c79
corporate/3.0/x86_64/lib64clamav2-0.90.3-0.1.C30mdk.x86_64.rpm
5c90229eb99e94aa932fb33290ec555b
corporate/3.0/x86_64/lib64clamav2-devel-0.90.3-0.1.C30mdk.x86_64.rpm
3bdca91be114543785b82ff8da904c16
corporate/3.0/SRPMS/clamav-0.90.3-0.1.C30mdk.src.rpm

Corporate 4.0:
a21c2b1fb87e9fffacd85820727e2ffe
corporate/4.0/i586/clamav-0.90.3-0.1.20060mlcs4.i586.rpm
a7ae50da3c78dde47323fec240aa36d3
corporate/4.0/i586/clamav-db-0.90.3-0.1.20060mlcs4.i586.rpm
8ec25cea1228b0ba1bf15c9eea095de3
corporate/4.0/i586/clamav-milter-0.90.3-0.1.20060mlcs4.i586.rpm
c8dfe521c3578b1df2d1e0a2c5e71e4f
corporate/4.0/i586/clamd-0.90.3-0.1.20060mlcs4.i586.rpm
32dfdd00de21829792926c8c004f3cde
corporate/4.0/i586/clamdmon-0.90.3-0.1.20060mlcs4.i586.rpm
23849d5c8ab87ba99e746e4b3f28542c
corporate/4.0/i586/libclamav2-0.90.3-0.1.20060mlcs4.i586.rpm
8fc0841ab5d68e340e1fbe1289b407bb
corporate/4.0/i586/libclamav2-devel-0.90.3-0.1.20060mlcs4.i586.rpm
0b3f79671ad392182f4dbc810862565f
corporate/4.0/SRPMS/clamav-0.90.3-0.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
8ad7c2d47152f95df1a85603bed0ed6f
corporate/4.0/x86_64/clamav-0.90.3-0.1.20060mlcs4.x86_64.rpm
ee676819dcdcc147f4464892751113a6
corporate/4.0/x86_64/clamav-db-0.90.3-0.1.20060mlcs4.x86_64.rpm
4e6f85c45c5acad11628a2f6246ddd7c
corporate/4.0/x86_64/clamav-milter-0.90.3-0.1.20060mlcs4.x86_64.rpm
a1fe3eb1c616bd40f0d289a1ba17969d
corporate/4.0/x86_64/clamd-0.90.3-0.1.20060mlcs4.x86_64.rpm
d982b68a08dd7937518a2586ec01f0d7
corporate/4.0/x86_64/clamdmon-0.90.3-0.1.20060mlcs4.x86_64.rpm
31b0aa61a5c53209d9958b99118fbc44
corporate/4.0/x86_64/lib64clamav2-0.90.3-0.1.20060mlcs4.x86_64.rpm
dc14036a8b0862eff5db9da5f6622c87
corporate/4.0/x86_64/lib64clamav2-devel-0.90.3-0.1.20060mlcs4.x86_64.rpm
0b3f79671ad392182f4dbc810862565f
corporate/4.0/SRPMS/clamav-0.90.3-0.1.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGZIvVmqjQ0CJFipgRAqKFAJ9NN5N1g9d5BVPImqTEpuNLuCWE3gCgnQZH
nA89R8r/ADEJybA3wf+crQ0=
=Y8wF
-----END PGP SIGNATURE-----


------------=_1181011696-8862-7972
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1181011696-8862-7972--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung