Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42869
  • Total Topics: 16078
  • Online Today: 3516
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: ClamAV Confirms Critical Bug, Offers Patch  (Read 2811 times)

0 Members and 2 Guests are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
ClamAV Confirms Critical Bug, Offers Patch
« on: 15. April 2008., 18:22:42 »


A vulnerability in the popular open-source ClamAV anti-virus scanner can be exploited by attackers to execute malicious code, a security company announced Monday.

On Monday, the ClamAV team updated the scanner to fix the flaw.

According to Danish bug-tracking company Secunia , a vulnerability within the ""cli_scanpe()" function in "libclamav/pe.c" could be exploited with a rigged "Upack" file. In a warning posted Monday Secunia credited one of its own researchers, Alin Rad Pop, with finding and reporting the bug, and ranked the threat as "highly critical," its second-highest rating.

ClamAV is most often used to scan incoming files attachments at an e-mail gateway; although it's designed for UNIX, versions are available for Windows. Apple Inc. also packages ClamAV with its server operating systems, including the current production version of Mac OS X Server 10.5.

About a month ago, Apple issued a massive security update that fixed nearly 90 vulnerabilities in its operating systems, including nine ClamAV bugs present in Server 10.5, to bring Mac OS X's version in line with the still current ClamAV 0.90.3.

ClamAV version 0.93 patches the vulnerability disclosed today, and can be downloaded from the open-source project's Web site.

Prior to issuing the patch, ClamAV had remotely disabled the vulnerable module, said a ClamAV spokesman. "Note that 1 week ago the vulnerable module has been switched off via DCONF using a special CVD update so older installations cannot be exploited," said Luca Gibelli in an e-mail.

Users unable to deploy the patch who have also not updated ClamAV's signatures -- the program received those as CVD, or ClamAV Virus Database file -- should not scan untrusted PE (Portable Executable) files, Secunia recommended.

(Copyright by PC World Communications, Inc.)

Samker's Computer Forum - SCforum.info

ClamAV Confirms Critical Bug, Offers Patch
« on: 15. April 2008., 18:22:42 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising