Clam Anti-Virus ClamAV 拒绝服务漏洞

漏洞信息详情

Clam Anti-Virus ClamAV 拒绝服务漏洞

• CNNVD编号：CNNVD-200506-220
• 危害等级： 低危
  
  
• CVE编号：
  CVE-2005-2056
  
• 漏洞类型：
  
  
  资料不足
  
• 发布时间：
  
  2005-06-29
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  clam_anti-virus
• 漏洞来源：
  The vendor announc…

Clam AntiVirus (ClamAV) 0.86.1之前版本中的Quantum存档解压工具存在安全漏洞，远程攻击者可借助一个特制的Quantum存档来触发拒绝服务攻击(应用程序崩溃)。

目前厂商已经发布了升级补丁以修复这个安全问题，补丁下载链接：
Clam Anti-Virus ClamAV 0.51
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
Clam Anti-Virus ClamAV 0.52
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
Clam Anti-Virus ClamAV 0.53
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
Clam Anti-Virus ClamAV 0.54
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
Clam Anti-Virus ClamAV 0.60
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
Clam Anti-Virus ClamAV 0.65
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
Clam Anti-Virus ClamAV 0.67
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
SuSE clamav-0.86.1-0.2.i586.rpm
SUSE Linux 9.1:
ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/clamav-0.86.1-0.2 .i586.rpm
Clam Anti-Virus ClamAV 0.68
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
Clam Anti-Virus ClamAV 0.68 -1
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
Clam Anti-Virus ClamAV 0.70
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
Clam Anti-Virus ClamAV 0.80 rc4
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
Clam Anti-Virus ClamAV 0.80
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
Clam Anti-Virus ClamAV 0.80 rc3
Clam Anti-Virus clamav-0.86.1.tar.gz
http://prdownloads.sourceforge.net/clamav/clamav-0.86.1.tar.gz?downloa d
SuSE clamav-0.86.1-0.1.i586.rpm
SUSE Linux 9.2:
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/clamav-0.86.1-0.1 .i586.rpm
SuSE clamav-0.86.1-0.1.x86_64.rpm
SUSE Linux 9.2:
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/clamav-0.86.1-0 .1.x86_64.rpm
SuSE clamav-db-0.86.1-0.1.i586.rpm
SUSE Linux 9.2:
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/i586/clamav-db-0.86.1- 0.1.i586.rpm
SuSE clamav-db-0.86.1-0.1.x86_64.rpm
SUSE Linux 9.2:
ftp://ftp.suse.com/pub/suse/i386/update/9.2/rpm/x86_64/clamav-db-0.86. 1-0.1.x86_64.rpm

来源: GENTOO
名称: GLSA-200506-23
链接:http://www.gentoo.org/security/en/glsa/glsa-200506-23.xml

来源: sourceforge.net
链接:http://sourceforge.net/project/shownotes.php?release_id=337279

来源: BID
名称: 14058
链接:http://www.securityfocus.com/bid/14058

来源: SECUNIA
名称: 15811
链接:http://secunia.com/advisories/15811

来源: SUSE
名称: SUSE-SA:2005:038
链接:http://www.novell.com/linux/security/advisories/2005_38_clamav.html

来源: DEBIAN
名称: DSA-737
链接:http://www.debian.org/security/2005/dsa-737