Kolab Security Issue 13 20061019 (clamav)
Thomas Arendsen Hein
thomas at intevation.de
Thu Oct 19 17:27:50 CEST 2006
Kolab Security Issue 13 20061019
================================
Package: Kolab Server, ClamAV
Vulnerability: heap overflow, remotely exploitable (CVE-2006-4182),
denial of service, remotely exploitable (CVE-2006-5295)
Kolab Specific: no
Dependent Packages: none
Summary
~~~~~~~
CVE-2006-4182
Damian Put discovered a heap overflow error in the script to rebuild
PE files, which could lead to the execution of arbitrary code.
CVE-2006-5295
Damian Put discovered that missing input sanitising in the CHM
handling code might lead to denial of service.
Affected Versions
~~~~~~~~~~~~~~~~~
This affects versions of ClamAV up to version 0.88.4.
Kolab Server 2.0.4 and Kolab Server 2.1beta2 are vulnerable.
Previous releases are also affected.
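To tell whether a host still runs an affected ClamAV, here is an added shell check; it is not part of the advisory and not Kolab's or ClamAV's own code. It compares the engine version reported by `clamscan --version` against the 0.88.5 fix release; the `/kolab/bin/clamscan` path and the sample output line are assumptions.

```sh
#!/bin/sh
# Added example, not part of the advisory: decide whether an installed
# ClamAV falls in the affected range (up to and including 0.88.4).

# Compare two dotted version strings field by field as integers and
# print -1, 0 or 1 for a < b, a = b, a > b. A missing field counts as 0
# and a trailing tag such as "rc1" is dropped from its field.
vercmp() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        fa=${a%%.*} fb=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        fa=${fa%%[!0-9]*} fb=${fb%%[!0-9]*}
        fa=${fa:-0} fb=${fb:-0}
        [ "$fa" -lt "$fb" ] && { printf '%s\n' -1; return; }
        [ "$fa" -gt "$fb" ] && { printf '1\n'; return; }
    done
    printf '0\n'
}

# Exit 0 when VERSION lacks the fix, i.e. is older than 0.88.5.
# An empty or unparsable version is deliberately treated as affected.
clamav_affected() {
    [ "$(vercmp "$1" 0.88.5)" -lt 0 ]
}

# Pull the engine version out of `clamscan --version` output, whose
# first line has the form "ClamAV <engine>/<dbversion>/<dbdate>".
version_from_output() {
    printf '%s\n' "$1" | sed -n '1s/^ClamAV \([0-9][0-9.a-z]*\).*$/\1/p'
}

# Constructed sample output. On a Kolab host feed in the real output,
# e.g. "$(/kolab/bin/clamscan --version)" (assumed install path).
SAMPLE='ClamAV 0.88.4/2150/Thu Oct 19 08:38:48 2006'

check_sample() {
    v=$(version_from_output "$SAMPLE")
    if clamav_affected "$v"; then
        printf 'ClamAV %s is affected; upgrade to 0.88.5\n' "$v"
    else
        printf 'ClamAV %s already carries the fix\n' "$v"
    fi
}
check_sample
```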
Fix
~~~
Upgrade to ClamAV 0.88.5.
The ClamAV source RPM is available from the Kolab download mirrors as:
security-updates/20061019/clamav-0.88.5-2.20061018.src.rpm
A binary RPM for Kolab Server 2.0.4 (ix86 Debian GNU/Linux Sarge) is available:
security-updates/20061019/clamav-0.88.5-2.20061018.ix86-debian3.1-kolab.rpm
All other Server versions: Please build from the src.rpm.
The mirrors are listed on http://kolab.org/mirrors.html
While the mirrors are catching up, you can also get the package via rsync:
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/security-updates/20061019/clamav-0.88.5-2.20061018.src.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/security-updates/20061019/clamav-0.88.5-2.20061018.ix86-debian3.1-kolab.rpm .
MD5 sums:
d449d8970698e3bd3dd30eac7a1e4579 clamav-0.88.5-2.20061018.src.rpm
4c819dcaffe3602a927965115ff328d5 clamav-0.88.5-2.20061018.ix86-debian3.1-kolab.rpm
The package can be installed on your Kolab Server with
# /kolab/bin/openpkg rpm --rebuild clamav-0.88.5-2.20061018.src.rpm
# /kolab/bin/openpkg rpm \
    -Uvh /kolab/RPM/PKG/clamav-0.88.5-2.20061018.<ARCH>-<OS>-kolab.rpm
Details
~~~~~~~
http://sourceforge.net/project/shownotes.php?release_id=455799
ClamAV 0.88.5 release notes
http://www.securityfocus.com/bid/20535
Clam Anti-Virus PE Rebuilding Heap Buffer Overflow Vulnerability
(CVE-2006-4182)
http://www.securityfocus.com/bid/20537
Clam Anti-Virus CHM Unpacker Denial Of Service Vulnerability
(CVE-2006-5295)
Timeline
~~~~~~~~
20061015 ClamAV release 0.88.5.
20061018 OpenPKG 0.88.5 package release.
20061019 Kolab Server security advisory published.
--
Email: thomas at intevation.de
http://intevation.de/~thomas/