ClamAV Denial of Service Vulnerability.

Text Box: Terms and Conditions Copyright® 2008 SecPod, All rights reserved. info@secpod.com

SecPod ID: 10055

ClamAV Denial of Service Vulnerability.

Status: Public Report

Release Date: 08-12-2008

Severity: High

CVSS Base Score: 8.5 (AV:N/AC:L/Au:NR/C:N/I:P/A:C)

CVSS Temporal Score = 6.6

Affected Software/OS/Device:

ClamAV prior to 0.94.2 on all running platforms.

Impact Level: Application

OpenVAS Plugin ID:

Snort Signature ID:

OVAL ID:

Vulnerability Insight:

Overview:

ClamAV is prone to Denial of Service Vulnerability.

Description:

This flaw is due to

- A infinite recursion error in the 'cli_check_jpeg_exploit' Function

in the jpeg parsing code in 'libclamav/special.c' file which can be

exploited by a crafted jpeg file.

Impact :

Successful exploitation will let the attacker execute malicious arbitrary

codes in the jpeg file and can cause denial of service to that service to

make that service unavailable to the legitimate user.

CVSS Score Report:

    ACCESS_VECTOR = NETWORK
    ACCESS_COMPLEXITY = LOW
    AUTHENTICATION = NOT_REQUIRED
    CONFIDENTIALITY_IMPACT = NONE
    INTEGRITY_IMPACT = PARTIAL
    AVAILABILITY_IMPACT = COMPLETE
    EXPLOITABILITY = PROOF_OF_CONCEPT
    REMEDIATION_LEVEL = OFFICIAL_FIX
    REPORT_CONFIDENCE = CONFIRMED
    CVSS Base Score = 8.5 (AV:N/AC:L/Au:NR/C:N/I:P/A:C)
    CVSS Temporal Score = 6.6
    Risk factor = High

Fix:

Upgrade to the latest version.
http://www.clamav.net/download

References:
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1266
http://www.vupen.com/english/advisories/2008/3311
http://secunia.com/Advisories/32926

Home Corporate Resources Report Security Bug Diary