Mandriva liberó una actualización para Clamav. Esta repara varias vulnerabilidades que pueden explotarse para ocasionar una negación de servicio (DoS) y comprometer un sistema vulnerable.
Mandriva Security Advisory
MDKSA-2005:205 / clamav
Mandrake 10.1 | Clam AntiVirus (clamav) | <= | 0.87 |
Mandrake 10.2 | Clam AntiVirus (clamav) | <= | 0.87 |
Mandrake CS3.0 | Clam AntiVirus (clamav) | <= | 0.87 |
Mandrake LE2005/X86_64 | Clam AntiVirus (clamav) | <= | 0.87 |
Mandriva liberó una actualización para Clamav. Esta repara varias vulnerabilidades que pueden explotarse por personas maliciosas para ocasionar una negación de servicio (DoS) y comprometer un sistema vulnerable.
ClamAV tiene varios huecos de seguridad: un error en el control de los límites de la memoria en "petite.c", un incorrecto cálculo de buffer en "fsg.c", un posible ciclo infinito en "tnef.c" y en "cabd.c". Además de que un archivo DOC malicioso ocasiona una violación de segmento. Con lo anterior, un atacante podría ocasionar un DoS o ejecutar código arbitrario.
Ver:
Vulnerabilidades al manejar archivos TNEF/CAB/FSG en Clam AntiVirus.
http://www.seguridad.unam.mx/vulnerabilidadesDB-vulne=4895
Negación de servicio (DoS).
Acceso al sistema.
Aplicar paquetes actualizados.
Mandrakelinux 10.1
2c8a8799bda10e6695bc2ee6d1f76936 10.1/RPMS/clamav-0.87.1-0.1.101mdk.i586.rpm 6e31a793ae79cb40064c52fe64c11155 10.1/RPMS/clamav-db-0.87.1-0.1.101mdk.i586.rpm e58b5816114176f8c4ff7984e5a8295e 10.1/RPMS/clamav-milter-0.87.1-0.1.101mdk.i586.rpm d1604de5950ed1060c327cea79060546 10.1/RPMS/clamd-0.87.1-0.1.101mdk.i586.rpm ca64314db8e86e57ba76c1c569058122 10.1/RPMS/libclamav1-0.87.1-0.1.101mdk.i586.rpm c99ffb5b095e8e83acd218b679435c03 10.1/RPMS/libclamav1-devel-0.87.1-0.1.101mdk.i586.rpm ecddf8805cbae3e8f52719d97af50290 10.1/SRPMS/clamav-0.87.1-0.1.101mdk.src.rpm
Mandrakelinux 10.1/X86_64
f8df2fa1ec1538d3c691462ece32459e x86_64/10.1/RPMS/clamav-0.87.1-0.1.101mdk.x86_64.rpm c8d3c45be5696671b4e968d923048250 x86_64/10.1/RPMS/clamav-db-0.87.1-0.1.101mdk.x86_64.rpm 5a1d8f5bf844b9d17fc6daeac3d9980f x86_64/10.1/RPMS/clamav-milter-0.87.1-0.1.101mdk.x86_64.rpm f29cf94d9bf5aed77fed89b62c3a31bd x86_64/10.1/RPMS/clamd-0.87.1-0.1.101mdk.x86_64.rpm af1d5f8be95f46fee78d441a9a9ef1d5 x86_64/10.1/RPMS/lib64clamav1-0.87.1-0.1.101mdk.x86_64.rpm f6dd47c525bfda31472aeeb130b44b04 x86_64/10.1/RPMS/lib64clamav1-devel-0.87.1-0.1.101mdk.x86_64.rpm ecddf8805cbae3e8f52719d97af50290 x86_64/10.1/SRPMS/clamav-0.87.1-0.1.101mdk.src.rpm
Corporate Server 3.0
050c7d954ed3989ad4147a88249badeb corporate/3.0/RPMS/clamav-0.87.1-0.1.C30mdk.i586.rpm a0d523b33847321b3d4e2bcb4871b1c7 corporate/3.0/RPMS/clamav-db-0.87.1-0.1.C30mdk.i586.rpm 8aaa9765087b36666aa3278f5a46d78e corporate/3.0/RPMS/clamav-milter-0.87.1-0.1.C30mdk.i586.rpm 58c653b2328ee65d7cdf1965db708e07 corporate/3.0/RPMS/clamd-0.87.1-0.1.C30mdk.i586.rpm ab6e8b876b55c02e6eba1c81b64992d8 corporate/3.0/RPMS/libclamav1-0.87.1-0.1.C30mdk.i586.rpm 096b42b70415f52cbce650b0a89760aa corporate/3.0/RPMS/libclamav1-devel-0.87.1-0.1.C30mdk.i586.rpm 0645c9be8c4e7d4b1ec8afea8f19d394 corporate/3.0/SRPMS/clamav-0.87.1-0.1.C30mdk.src.rpm
Corporate Server 3.0/X86_64
5d6e4bf645c047e7336b2a6d9bbf400a x86_64/corporate/3.0/RPMS/clamav-0.87.1-0.1.C30mdk.x86_64.rpm 48c8a2961fa704d6953ea5889f105921 x86_64/corporate/3.0/RPMS/clamav-db-0.87.1-0.1.C30mdk.x86_64.rpm da4c207e3c56196d847570bb29e1832b x86_64/corporate/3.0/RPMS/clamav-milter-0.87.1-0.1.C30mdk.x86_64.rpm b75e29b3640c7751dd33deb67738d111 x86_64/corporate/3.0/RPMS/clamd-0.87.1-0.1.C30mdk.x86_64.rpm a792a67e4ee111a62bfbadc509c3a9e4 x86_64/corporate/3.0/RPMS/lib64clamav1-0.87.1-0.1.C30mdk.x86_64.rpm 8d332c974aa7c208de3c1eb506f57f46 x86_64/corporate/3.0/RPMS/lib64clamav1-devel-0.87.1-0.1.C30mdk.x86_64.rpm 0645c9be8c4e7d4b1ec8afea8f19d394 x86_64/corporate/3.0/SRPMS/clamav-0.87.1-0.1.C30mdk.src.rpm
Mandrivalinux LE2005
3da7284615847be748e0ee755ab56963 10.2/RPMS/clamav-0.87.1-0.1.102mdk.i586.rpm cbe42a738a4008a559c56e51b9a6fe47 10.2/RPMS/clamav-db-0.87.1-0.1.102mdk.i586.rpm 1778a62fe729d77234ef1c1bde7f3cd0 10.2/RPMS/clamav-milter-0.87.1-0.1.102mdk.i586.rpm ae2d916c80f50f5386bd70e06c0b2fd2 10.2/RPMS/clamd-0.87.1-0.1.102mdk.i586.rpm d08c87436e20faf977f1ad059bc233b4 10.2/RPMS/libclamav1-0.87.1-0.1.102mdk.i586.rpm 74ee8b845b1c7a41ccdbf1c1e04591a5 10.2/RPMS/libclamav1-devel-0.87.1-0.1.102mdk.i586.rpm dd72cdbb564bf27c8f745b198cdbc99f 10.2/SRPMS/clamav-0.87.1-0.1.102mdk.src.rpm
Mandrivalinux LE2005/X86_64
10de2a9bf399f3a1c93732a9ef664664 x86_64/10.2/RPMS/clamav-0.87.1-0.1.102mdk.x86_64.rpm 0c87818d634084a023584d1c7146093f x86_64/10.2/RPMS/clamav-db-0.87.1-0.1.102mdk.x86_64.rpm 9ed0aaf9bf139c11a6641b073c35aecd x86_64/10.2/RPMS/clamav-milter-0.87.1-0.1.102mdk.x86_64.rpm 3c2d858b3fb039c735cb0cc0cb109e92 x86_64/10.2/RPMS/clamd-0.87.1-0.1.102mdk.x86_64.rpm 6b9d20e975ed97fc68f812189bfb86e8 x86_64/10.2/RPMS/lib64clamav1-0.87.1-0.1.102mdk.x86_64.rpm 4515067e6c33151d6555ed217914e696 x86_64/10.2/RPMS/lib64clamav1-devel-0.87.1-0.1.102mdk.x86_64.rpm dd72cdbb564bf27c8f745b198cdbc99f x86_64/10.2/SRPMS/clamav-0.87.1-0.1.102mdk.src.rpm
Mandrivalinux 2006
64044555942d783f59191af6bb051fe6 2006.0/RPMS/clamav-0.87.1-0.1.20060mdk.i586.rpm 3b090dc5a8a700c8dd58478201041384 2006.0/RPMS/clamav-db-0.87.1-0.1.20060mdk.i586.rpm cffbc77a4bd7fec42d4807863d7b74f0 2006.0/RPMS/clamav-milter-0.87.1-0.1.20060mdk.i586.rpm 74bfb1f658a39d3989e14879467f3f22 2006.0/RPMS/clamd-0.87.1-0.1.20060mdk.i586.rpm 9ee1b202bc72d72d2ec743a96bb6cffa 2006.0/RPMS/libclamav1-0.87.1-0.1.20060mdk.i586.rpm 3c292c33d6386278dec59b4ea79a595b 2006.0/RPMS/libclamav1-devel-0.87.1-0.1.20060mdk.i586.rpm 6df60c1704c68f55c4340ef390031a45 2006.0/SRPMS/clamav-0.87.1-0.1.20060mdk.src.rpm
Mandrivalinux 2006/X86_64
180c192924ea9682c6b9038b374b6b03 x86_64/2006.0/RPMS/clamav-0.87.1-0.1.20060mdk.x86_64.rpm 0c9f263914cda45b4ca018f11f955707 x86_64/2006.0/RPMS/clamav-db-0.87.1-0.1.20060mdk.x86_64.rpm 1df55cff65a82a0cf8f2aae8382f0887 x86_64/2006.0/RPMS/clamav-milter-0.87.1-0.1.20060mdk.x86_64.rpm 17355b44d623045954ef63674a1fc0c4 x86_64/2006.0/RPMS/clamd-0.87.1-0.1.20060mdk.x86_64.rpm e8540c821cf357e1fe11658479a6f987 x86_64/2006.0/RPMS/lib64clamav1-0.87.1-0.1.20060mdk.x86_64.rpm af0724e8ae0a0fe5da725a5ea715a590 x86_64/2006.0/RPMS/lib64clamav1-devel-0.87.1-0.1.20060mdk.x86_64.rpm 6df60c1704c68f55c4340ef390031a45 x86_64/2006.0/SRPMS/clamav-0.87.1-0.1.20060mdk.src.rpm
Para actualizar automáticamente, utilice MandrakeUpdate.
Mayor información.
http://frontal2.mandriva.com/security/advisories-name=MDKSA-2005:205La Coordinación de Seguridad de la Información/UNAM-CERT agradece el apoyo en la elaboración ó traducción y revisión de éste Documento a:
UNAM-CERT
Equipo de Respuesta a Incidentes UNAM
Coordinación de Seguridad de la Información
incidentes at seguridad.unam.mx
phishing at seguridad.unam.mx
http://www.cert.org.mx
http://www.seguridad.unam.mx
ftp://ftp.seguridad.unam.mx
Tel: 56 22 81 69
Fax: 56 22 80 47
Aviso legal |
Créditos |
Staff |
Administración
Copyright © Todos los derechos reservados
UNAM - CERT