Security Advisory 03 for Kolab Server

Thomas Arendsen Hein thomas at intevation.de
Wed Sep 21 18:26:31 CEST 2005


Kolab Security Issue 03 20050921
================================

Package:              Kolab Server
Vulnerability:        buffer overflow, DOS, remotely exploitable
Kolab Specific:       no
Dependent Packages:   none


Summary
-------

The Clam AntiVirus package contains a boundary condition error and fails
to handle exceptional conditions, which can be exploited remotely.


Affected Versions
-----------------

This affects all servers which have ClamAV 0.86.2 or earlier versions running.
Kolab Server 2.0.1 and previous releases of the 2.0 branch are affected.


Fixes
-----

Upgrade to ClamAV 0.87.

A new ClamAV RPM is available from the Kolab download mirrors as
security-updates/20050921/clamav-0.87-20050916.src.rpm

A binary RPM for Debian woody (ix86) is available as
security-updates/20050921/clamav-0.87-20050916.ix86-debian3.0-kolab.rpm

The mirrors are listed on http://kolab.org/mirrors.html

While the mirrors are catching up, you can also get the package via rsync:
# rsync -tzv rsync://rsync.kolab.org/kolab/server/security-updates/20050921/clamav-0.87-20050916.src.rpm .


This package can be installed on your Kolab Server with

# /kolab/bin/openpkg rpm --rebuild clamav-0.87-20050916.src.rpm
# /kolab/bin/openpkg rpm \
  -Uvh /kolab/RPM/PKG/clamav-0.87-20050916.<ARCH>-<OS>-kolab.rpm

A new /kolab/etc/clamav/clamav.conf will probably be written, remove the
clamav.conf.rpmsave file, run kolabconf and make sure clamav starts:

# rm /kolab/etc/clamav/clamav.conf
# /kolab/sbin/kolabconf
# /kolab/etc/rc clamav start

##optional
# /kolab/bin/freshclam


Details
-------

http://www.securityfocus.com/bid/14866
	ClamAV UPX Compressed Executable Buffer Overflow Vulnerability

http://www.securityfocus.com/bid/14867
	ClamAV FSG Compressed Executable Infinite Loop DOS Vulnerability


Timeline
--------
    20050916 clamav vendor released combined security and functional update
    20050921 kolab update and security advisory published

-- 
Email: thomas at intevation.de
http://intevation.de/~thomas/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.kolab.org/pipermail/users/attachments/20050921/43152311/attachment.sig>


More information about the users mailing list