[security-alerts] FW: [SA17184] Clam AntiVirus OLE2 Unpacker Potential Denial of Service

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> 
> 
> TITLE:
> Clam AntiVirus OLE2 Unpacker Potential Denial of Service
> 
> SECUNIA ADVISORY ID:
> SA17184
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/17184/
> 
> CRITICAL:
> Less critical
> 
> IMPACT:
> DoS
> 
> WHERE:
> From remote
> 
> SOFTWARE:
> Clam AntiVirus (clamav) 0.x
> http://secunia.com/product/2538/
> 
> DESCRIPTION:
> Marcin Owsiany has discovered a vulnerability in Clam AntiVirus,
> which potentially can be exploited by malicious people to cause a DoS
> (Denial of Service).
> 
> The vulnerability is caused due to an error in handling malformed
> OLE2 files (e.g. DOC files). This can be exploited to crash "clamd"
> via a specially crafted DOC file that causes "clamd" to call the
> "ole2_walk_property_tree()" function recursively.
> 
> Successful exploitation causes a DoS (e.g. if "clamd" is used by an
> email gateway), but requires that "clamd" is configured with a large
> value (e.g. > 10000) for the ArchiveMaxFiles option.
> 
> The vulnerability has been confirmed in version 0.87. Other versions
> may also be affected.
> 
> SOLUTION:
> Do not configure a large value for the ArchiveMaxFiles option.
> 
> PROVIDED AND/OR DISCOVERED BY:
> Marcin Owsiany
> 
> ORIGINAL ADVISORY:
> Debian:
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=333566
>