Security-Alerts mailing list archive (security-alerts@yandex-team.ru)


[security-alerts] FW: @RISK: The Consensus Security Vulnerability Alert Vol. 6 No. 17

> ****************************************************************
> (10) MODERATE: ClamAV CAB File Processing Buffer Overflow
> Affected:
> ClamAV versions 0.90rc3 through 0.90.1
> Note that these versions are not shipped by default with most major
> Linux and Unix-like operating system distributions.
> Description: ClamAV, a popular open source antivirus solution, contains
> a buffer overflow in its handling of Microsoft Cabinet (CAB) files. A
> specially-crafted CAB file could trigger this buffer overflow and
> execute arbitrary code with the privileges of the "clamd" process. Note
> that the CAB file may be attached to an email transiting a network
> monitored by ClamAV. Since ClamAV is open source, technical details for
> this vulnerability may be obtained via source code analysis.
> Status: ClamAV confirmed, updates available.
> Council Site Actions: The affected software and/or configuration are not
> in production or widespread use, or are not officially supported at any
> of the responding council sites. They reported that no action was
> necessary.
> References:
> iDefense Security Advisory
> http://archives.neohapsis.com/archives/bugtraq/2007-04/0250.html 
> ClamAV Release Notes
> http://sourceforge.net/project/shownotes.php?release_id=500765 
> SecurityFocus BID
> http://www.securityfocus.com/bid/23473 
> Part II - Comprehensive List of Newly Discovered Vulnerabilities from
> Qualys (www.qualys.com)
> Week 17, 2007
> This list is compiled by Qualys ( www.qualys.com ) as part of that
> company's ongoing effort to ensure its vulnerability management web
> service tests for all known vulnerabilities that can be scanned. As of
> this week Qualys scans for 5431 unique vulnerabilities. For this special
> SANS community listing, Qualys also includes vulnerabilities that cannot
> be scanned remotely.
> 07.17.21 CVE: Not Available
> Platform: Unix
> Title: ProFTPD AUTH Multiple Authentication Module Security Bypass
> Description: ProFTPD is an FTP server implementation that is available
> for Unix and Linux platforms. The application is exposed to a security
> restriction bypass issue due to an error in the AUTH API. ProFTPD 1.2
> and 1.3 branches are affected.
> Ref: http://bugs.proftpd.org/show_bug.cgi?id=2922
> ______________________________________________________________________
> 07.17.37 CVE: CVE-2007-1745, CVE-2007-1997
> Platform: Cross Platform
> Title: Clam AntiVirus ClamAV Multiple Remote Vulnerabilities
> Description: ClamAV is an antivirus application for Microsoft Windows
> and UNIX-like operating systems. The application is exposed to file
> descriptor leakage issue and a buffer overflow issue which affects
> "libclamav/cab.c" code. ClamAV version 0.90.2 is affected.
> Ref: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=513
> ______________________________________________________________________
> (c) 2007.  All rights reserved.  The information contained in this
> newsletter, including any external links, is provided "AS IS," with no
> express or implied warranty, for informational purposes only.  In some
> cases, copyright for material in this newsletter may be held by a
> party other than Qualys (as indicated herein) and permission to use
> such material must be requested from the copyright owner.
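The advisory above only says that ClamAV's CAB handling has a buffer overflow triggered by a crafted file and that the details are in libclamav/cab.c. As an added illustration of what a CAB header walk has to check before it trusts anything the file says (this is example code written for this archive page, not ClamAV's parser, and it does not reproduce the reported defect), here is a bounds-checked reader for the CFHEADER, CFFOLDER and CFFILE tables. The structure layout follows the public Microsoft Cabinet format; the 66-byte sample image and the cab_parse_patched helper that corrupts its count and offset fields are constructed for the example.

```c
/* Added example: defensive walk over CAB header tables.
 * Not ClamAV code; SAMPLE_CAB and cab_parse_patched are constructed here. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define CFHEADER_SIZE 36
#define CFFOLDER_SIZE 8
#define CFFILE_FIXED  16

struct cab_summary {
    uint32_t cb_cabinet;       /* cabinet size declared in CFHEADER */
    uint32_t coff_files;       /* declared offset of the first CFFILE */
    uint16_t n_folders, n_files, flags;
    uint64_t total_file_bytes; /* sum of cbFile over the CFFILE entries */
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Advance *pos past a NUL-terminated string that must end inside buf. */
static int skip_cstr(const uint8_t *buf, size_t len, size_t *pos)
{
    const uint8_t *nul = memchr(buf + *pos, 0, len - *pos);
    if (nul == NULL) return -1;
    *pos = (size_t)(nul - buf) + 1;
    return 0;
}

/* Parse the header tables of a CAB image held entirely in buf[0..len).
 * Returns 0 on success or a negative code naming the failed check, and
 * never reads outside buf whatever the header fields claim. */
int cab_parse(const uint8_t *buf, size_t len, struct cab_summary *out)
{
    size_t pos = CFHEADER_SIZE, folder_res = 0;
    uint16_t i;

    memset(out, 0, sizeof *out);
    if (len < CFHEADER_SIZE || memcmp(buf, "MSCF", 4) != 0) return -1;
    out->cb_cabinet = rd32(buf + 8);
    out->coff_files = rd32(buf + 16);
    out->n_folders  = rd16(buf + 26);
    out->n_files    = rd16(buf + 28);
    out->flags      = rd16(buf + 30);
    if (out->cb_cabinet > len) return -2;   /* image is shorter than it claims */

    if (out->flags & 0x0004) {              /* cfhdrRESERVE_PRESENT */
        size_t header_res;
        if (len - pos < 4) return -3;
        header_res = rd16(buf + pos);       /* cbCFHeader */
        folder_res = buf[pos + 2];          /* cbCFFolder */
        pos += 4;
        if (len - pos < header_res) return -3;
        pos += header_res;
    }
    if (out->flags & 0x0001)                /* cfhdrPREV_CABINET: two strings */
        if (skip_cstr(buf, len, &pos) || skip_cstr(buf, len, &pos)) return -4;
    if (out->flags & 0x0002)                /* cfhdrNEXT_CABINET: two strings */
        if (skip_cstr(buf, len, &pos) || skip_cstr(buf, len, &pos)) return -4;

    /* CFFOLDER array: size the whole array by division, so a large cFolders
     * cannot wrap a multiplication into a small number. */
    if ((len - pos) / (CFFOLDER_SIZE + folder_res) < out->n_folders) return -5;
    for (i = 0; i < out->n_folders; i++) {
        const uint8_t *f = buf + pos;       /* coffCabStart u32, cCFData u16 */
        if (rd16(f + 4) > 0 && rd32(f) >= len) return -6;
        pos += CFFOLDER_SIZE + folder_res;
    }

    /* CFFILE array: the header's offset is used only once it is proven in range. */
    if (out->coff_files < pos || out->coff_files > len) return -7;
    pos = out->coff_files;
    for (i = 0; i < out->n_files; i++) {
        uint16_t ifolder;
        if (len - pos < CFFILE_FIXED) return -8;
        out->total_file_bytes += rd32(buf + pos);         /* cbFile */
        ifolder = rd16(buf + pos + 8);                    /* iFolder */
        if (ifolder >= out->n_folders && ifolder < 0xFFFD) return -9;
        pos += CFFILE_FIXED;
        if (skip_cstr(buf, len, &pos)) return -10;        /* szName */
    }
    return 0;
}

/* Constructed minimal cabinet: one folder, one 5-byte file "a.txt", no CFDATA. */
static const uint8_t SAMPLE_CAB[] = {
    'M','S','C','F', 0,0,0,0, 66,0,0,0, 0,0,0,0, 44,0,0,0, 0,0,0,0,
    3,1, 1,0, 1,0, 0,0, 0,0, 0,0,                 /* version, cFolders, cFiles, flags, setID, iCabinet */
    66,0,0,0, 0,0, 0,0,                           /* CFFOLDER */
    5,0,0,0, 0,0,0,0, 0,0, 0,0, 0,0, 0x20,0,      /* CFFILE fixed part */
    'a','.','t','x','t',0
};

/* Parse a copy of SAMPLE_CAB with cFiles and coffFiles overwritten (hostile input). */
int cab_parse_patched(uint16_t c_files, uint32_t coff_files, struct cab_summary *s)
{
    uint8_t img[sizeof SAMPLE_CAB];
    memcpy(img, SAMPLE_CAB, sizeof img);
    img[28] = (uint8_t)c_files;        img[29] = (uint8_t)(c_files >> 8);
    img[16] = (uint8_t)coff_files;     img[17] = (uint8_t)(coff_files >> 8);
    img[18] = (uint8_t)(coff_files >> 16); img[19] = (uint8_t)(coff_files >> 24);
    return cab_parse(img, sizeof img, s);
}

int main(void)
{
    struct cab_summary s;
    printf("valid: %d (files=%u, bytes=%llu)\n", cab_parse(SAMPLE_CAB, sizeof SAMPLE_CAB, &s),
           (unsigned)s.n_files, (unsigned long long)s.total_file_bytes);
    printf("coffFiles past end: %d\n", cab_parse_patched(1, 0xFFFFFFF0u, &s));
    printf("cFiles=65535: %d\n", cab_parse_patched(0xFFFF, 44, &s));
    return 0;
}
```

The two patched runs are the kind of input a mail-borne CAB can carry: an offset pointing far beyond the buffer and a file count much larger than what the image holds. Both are refused by a range check before any table entry is read, which is exactly the property to verify when auditing an archive handler such as libclamav/cab.c.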


Copyright © Lexa Software, 1996-2009.