Clam Anti-Virus ClamAV Arbitrary Command Execution Vulnerability
BID:10007
Info
Clam Anti-Virus ClamAV Arbitrary Command Execution Vulnerability
| Bugtraq ID: | 10007 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 30 2004 12:00AM |
| Updated: | Mar 30 2004 12:00AM |
| Credit: | Discovery is credited to l0om <[email protected]>. |
| Vulnerable: |
Clam Anti-Virus ClamAV 0.68 -1 Clam Anti-Virus ClamAV 0.68 Clam Anti-Virus ClamAV 0.67 Clam Anti-Virus ClamAV 0.65 Clam Anti-Virus ClamAV 0.60 Clam Anti-Virus ClamAV 0.54 Clam Anti-Virus ClamAV 0.53 Clam Anti-Virus ClamAV 0.52 Clam Anti-Virus ClamAV 0.51 |
| Not Vulnerable: |
Clam Anti-Virus ClamAV 0.70 |
Discussion
Clam Anti-Virus ClamAV Arbitrary Command Execution Vulnerability
It has been reported that ClamAV may be prone to an arbitrary command execution vulnerability that may allow a local attacker to execute arbitrary commands in the context of the root user. The issue presents itself when the 'VirusEvent' directive in the 'clamav.conf' configuration file has been enabled and the 'Dazuko' module is used with the antivirus software.
Although unconfirmed, all versions of the application are assumed to vulnerable at the moment. This information will be updated as more details become available.
It has been reported that ClamAV may be prone to an arbitrary command execution vulnerability that may allow a local attacker to execute arbitrary commands in the context of the root user. The issue presents itself when the 'VirusEvent' directive in the 'clamav.conf' configuration file has been enabled and the 'Dazuko' module is used with the antivirus software.
Although unconfirmed, all versions of the application are assumed to vulnerable at the moment. This information will be updated as more details become available.
Exploit / POC
Clam Anti-Virus ClamAV Arbitrary Command Execution Vulnerability
No exploit is required.
No exploit is required.
Solution / Fix
Clam Anti-Virus ClamAV Arbitrary Command Execution Vulnerability
Solution:
The vendor has released ClamAV version 0.70 to address this issue.
Gentoo has released an advisory GLSA 200405-03 to address this issue. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their systems:
emerge sync
emerge -pv ">=net-mail/clamav-0.70"
emerge ">=net-mail/clamav-0.70"
Clam Anti-Virus ClamAV 0.51
Clam Anti-Virus ClamAV 0.52
Clam Anti-Virus ClamAV 0.53
Clam Anti-Virus ClamAV 0.54
Clam Anti-Virus ClamAV 0.60
Clam Anti-Virus ClamAV 0.65
Clam Anti-Virus ClamAV 0.67
Clam Anti-Virus ClamAV 0.68 -1
Clam Anti-Virus ClamAV 0.68
Solution:
The vendor has released ClamAV version 0.70 to address this issue.
Gentoo has released an advisory GLSA 200405-03 to address this issue. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their systems:
emerge sync
emerge -pv ">=net-mail/clamav-0.70"
emerge ">=net-mail/clamav-0.70"
Clam Anti-Virus ClamAV 0.51
-
Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753
Clam Anti-Virus ClamAV 0.52
-
Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753
Clam Anti-Virus ClamAV 0.53
-
Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753
Clam Anti-Virus ClamAV 0.54
-
Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753
Clam Anti-Virus ClamAV 0.60
-
Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753
Clam Anti-Virus ClamAV 0.65
-
Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753
Clam Anti-Virus ClamAV 0.67
-
Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753
Clam Anti-Virus ClamAV 0.68 -1
-
Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753
Clam Anti-Virus ClamAV 0.68
-
Clam Anti-Virus clamav-0.70.tar.gz
http://sourceforge.net/project/showfiles.php?group_id=86638&package_id =90197&release_id=231753
References
Clam Anti-Virus ClamAV Arbitrary Command Execution Vulnerability
References:
References:
- Project Homepage (ClamAV)
- clamd - NEVER use "%f" in your "VirusEvent" (Rene
)