ClamAV缓冲区溢出漏洞

admin
admin
admin
0
文章
0
评论
2022-07-16 07:12:55 CNNVD漏洞 来源:ZONE.CI 全球网 0 阅读模式

漏洞信息详情

ClamAV缓冲区溢出漏洞

  • CNNVD编号:CNNVD-200804-176
  • 危害等级: 中危
  • CVE编号: CVE-2008-1100
  • 漏洞类型: 缓冲区溢出
  • 发布时间: 2008-04-14
  • 威胁类型: 远程
  • 更新时间: 2021-07-14
  • 厂        商: clam_anti-virus
  • 漏洞来源: Alin Rad Pop

漏洞简介

ClamAV(Clam AntiVirus)是Clamav团队的一套免费且开源的杀毒软件。该软件用于检测木马、病毒、恶意软件和其他恶意威胁。

ClamAV存在缓冲区溢出漏洞,如果杀毒软件检测到了恶意的Upack文件时就会触发这个溢出,导致执行任意指令 。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:

CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Mac OS X Server 10.5

CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple MacOSXServerUpdCombo10.5.5.dmg

http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/support/downloads/

CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Mac OS X Server 10.5.1

CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple MacOSXServerUpdCombo10.5.5.dmg

http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/support/downloads/

CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Mac OS X Server 10.5.2

CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple MacOSXServerUpdCombo10.5.5.dmg

http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/support/downloads/

CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Mac OS X Server 10.5.3

CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple MacOSXServerUpdCombo10.5.5.dmg

http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/support/downloads/

CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple Mac OS X Server 10.5.4

CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple MacOSXServerUpd10.5.5.dmg

http://www.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/support/downloads/

参考网址

来源:US-CERT

名称: TA08-260A

链接:http://www.us-cert.gov/cas/techalerts/TA08-260A.HTML

来源:US-CERT

名称: VU#858595

链接:http://www.kb.cert.org/vuls/id/858595

来源: BID

名称: 28756

链接:http://www.securityfocus.com/bid/28756

来源: VUPEN

名称: ADV-2008-2584

链接:http://www.frsirt.com/english/advisories/2008/2584

来源: GENTOO

名称: GLSA-200805-19

链接:http://security.gentoo.org/glsa/glsa-200805-19.xml

来源: MISC

链接:http://secunia.com/secunia_research/2008-11/advisory/

来源: SECUNIA

名称: 31882

链接:http://secunia.com/advisories/31882

来源: SECUNIA

名称: 29000

链接:http://secunia.com/advisories/29000

来源: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple

名称: CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple-SA-2008-09-15

链接:http://lists.CMS.zone.ci/e/tags/htag.php?tag=Apple target=_blank class=infotextkey>Apple.com/archives/security-announce//2008/Sep/msg00005.HTML

来源: wwws.clamav.net

链接:https://wwws.clamav.net/bugzilla/show_bug.cgi?id=878

来源: FEDORA

名称: FEDORA-2008-3900

链接:https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.HTML

来源: FEDORA

名称: FEDORA-2008-3420

链接:https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.HTML

来源: FEDORA

名称: FEDORA-2008-3358

链接:https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.HTML

来源: XF

名称: clamav-cliscanpe-bo(41789)

链接:http://xforce.iss.net/xforce/xfdb/41789

来源: SECTRACK

名称: 1019837

链接:http://www.securitytracker.com/id?1019837

来源: BID

名称: 28784

链接:http://www.securityfocus.com/bid/28784

来源: MANDRIVA

名称: MDVSA-2008:088

链接:http://www.mandriva.com/security/advisories?name=MDVSA-2008:088

来源: VUPEN

名称: ADV-2008-1218

链接:http://www.frsirt.com/english/advisories/2008/1218/references

来源: DEBIAN

名称: DSA-1549

链接:http://www.debian.org/security/2008/dsa-1549

来源: SECUNIA

名称: 30328

链接:http://secunia.com/advisories/30328

来源: SECUNIA

名称: 30253

链接:http://secunia.com/advisories/30253

来源: SECUNIA

名称: 29975

链接:http://secunia.com/advisories/29975

来源: SECUNIA

名称: 29891

链接:http://secunia.com/advisories/29891

来源: SECUNIA

名称: 29886

链接:http://secunia.com/advisories/29886

来源: SECUNIA

名称: 29863

链接:http://secunia.com/advisories/29863

来源: SUSE

名称: SUSE-SA:2008:024

链接:http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.HTML

来源: kolab.org

链接:http://kolab.org/security/kolab-vendor-notice-20.txt

受影响实体

  • Clam_anti-Virus Clamav:0.92.1  
  • Clam_anti-Virus Clamav:0.92  

补丁

    暂无

weinxin
特别声明
本站(ZONE.CI)所有文章仅供技术研究,若将其信息做其他用途,由用户承担全部法律及连带责任,本站不承担任何法律及连带责任,请遵守中华人民共和国安全法.
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
咨询加Q:999999999
ZONE.CI 全球网 | 安全领域涉猎者-乌云独行地带
ZONE.CI 全球网 安全领域涉猎者-乌云独行地带
ClamAV缓冲区溢出漏洞 CNNVD漏洞

ClamAV缓冲区溢出漏洞

漏洞信息详情ClamAV缓冲区溢出漏洞CNNVD编号:CNNVD-200804-176危害等级: 中危CVE编号:CVE-2008-1100漏洞类型:缓冲区溢出发布时间:200
07-160 评论
获取本源码
售前咨询加Q:120433200
站媒体网仿《知更鸟》模板
获取本源码 zmt6.com
评论:0   参与:  0