漏洞信息详情
ClamAV 'libclamav/pe.c'多个远程拒绝服务漏洞
- CNNVD编号:CNNVD-200904-177
- 危害等级: 中危
- CVE编号: CVE-2008-6680
- 漏洞类型: 数字错误
- 发布时间: 2009-04-08
- 威胁类型: 远程
- 更新时间: 2009-05-19
- 厂 商: clamav
- 漏洞来源: Jeffrey Thomas Pec...
漏洞简介
ClamAV 0.95之前版本中的libclamav/pe.c允许远程攻击者借助一个特制的EXE文件,引起拒绝服务攻击(崩溃)。该EXE文件会触发divide-by-zero错误。
漏洞公告
参考网址
来源: wwws.clamav.net 链接: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1335 来源: XF 名称: clamav-exe-dos(49845) 链接: http://xforce.iss.net/xforce/xfdb/49845 来源: VUPEN 名称: ADV-2009-0934 链接: http://www.vupen.com/english/advisories/2009/0934 来源: UBUNTU 名称: USN-754-1 链接: http://www.ubuntu.com/usn/usn-754-1 来源: BID 名称: 34357 链接: http://www.securityfocus.com/bid/34357 来源: MLIST 名称: [oss-security] 20090407 Re: CVE request: clamav clamd and clamscan DoS and bypass by malformated archive 链接: http://www.openwall.com/lists/oss-security/2009/04/07/6 来源: MANDRIVA 名称: MDVSA-2009:097 链接: http://www.mandriva.com/security/advisories?name=MDVSA-2009:097 来源: DEBIAN 名称: DSA-1771 链接: http://www.debian.org/security/2009/dsa-1771 来源: support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com 链接: http://support.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/kb/HT3865 来源: SECUNIA 名称: 36701 链接: http://secunia.com/advisories/36701 来源: SECUNIA 名称: 34716 链接: http://secunia.com/advisories/34716 来源: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple 名称: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple-SA-2009-09-10-2 链接: http://lists.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/archives/security-announce/2009/Sep/msg00004.HTML
受影响实体
- Clamav Clamav:0.94.2
- Clamav Clamav:0.94.1
- Clamav Clamav:0.94
- Clamav Clamav:0.93.1
补丁
暂无
评论