1 2 3 4 5 6

Vulnerabilidades rss pdf

Coordinación de Seguridad de la Información - UNAM-CERT -- DGTIC-UNAM

Vulnerabilidad de Seguridad UNAM-CERT-2006-035 Mandriva liberó una actualización para ClamAV.

Mandriva liberó una actualización para ClamAV. Esta repara una vulnerabilidad que puede explotarse para comprometer un sistema vulnerable.

  • Fecha de Liberación: 17-Ene-2006
  • Ultima Revisión: 17-Ene-2006
  • Fuente:

    Mandriva Security Advisory
    MDKSA-2006:016
  • CVE ID: CAN-2006-0162
  • Riesgo Altamente crítico
  • Problema de Vulnerabilidad Remoto
  • Tipo de Vulnerabilidad Buffer overflow

Sistemas Afectados

Mandrake 10.1 Clam AntiVirus (clamav) < 0.88
Mandrake 10.2 Clam AntiVirus (clamav) < 0.88
Mandrake CS3.0 Clam AntiVirus (clamav) < 0.88
Mandrake LE2006 Clam AntiVirus (clamav) < 0.88

  1. Descripción

    Mandriva liberó una actualización para ClamAV. Esta repara una vulnerabilidad que puede explotarse por personas maliciosas para comprometer un sistema vulnerable.

      La vulnerabilidad se debe a un error en el control del límite de la memoria, ocasionando un desbordamiento en el segmento de heap y posibilitando la ejecución de código arbitrario.

      Ver:
      Buffer Overflow en el manejo de archivos UPX de ClamAV.
      http://www.seguridad.unam.mx/vulnerabilidadesDB-vulne=5008

  2. Impacto

    Acceso al sistema.

  3. Solución

    Aplicar los paquetes actualizados.

    Mandrakelinux 10.1

    a6f50f607308d688ae0acbb8a03be62f 10.1/RPMS/clamav-0.88-0.1.101mdk.i586.rpm
4a91d81f7ca2baa8392e9822493e9bad 10.1/RPMS/clamav-db-0.88-0.1.101mdk.i586.rpm
f37f5611b73a0b39efc030a7380fd231 10.1/RPMS/clamav-milter-0.88-0.1.101mdk.i586.rpm
3a358f56b38d12dd2f406ad01e4d15d1 10.1/RPMS/clamd-0.88-0.1.101mdk.i586.rpm
1073d9acede45ae3712dde6016d93776 10.1/RPMS/libclamav1-0.88-0.1.101mdk.i586.rpm
3ed0c1a49b4a7aaf2438d2c65a14cf46 10.1/RPMS/libclamav1-devel-0.88-0.1.101mdk.i586.rpm
70ca1d9a3498e82d89d1d8a5ef7386f6 10.1/SRPMS/clamav-0.88-0.1.101mdk.src.rpm

    Mandrakelinux 10.1/X86_64

    da3e4a1571a2e98591c6324a06d5dbc1 x86_64/10.1/RPMS/clamav-0.88-0.1.101mdk.x86_64.rpm
1d3a2630d32b08fbb72ccf5543d9ab93 x86_64/10.1/RPMS/clamav-db-0.88-0.1.101mdk.x86_64.rpm
0bb23a740d77e519f79336dd94624995 x86_64/10.1/RPMS/clamav-milter-0.88-0.1.101mdk.x86_64.rpm
fcb790c235e892f2bcb3e40073de37dc x86_64/10.1/RPMS/clamd-0.88-0.1.101mdk.x86_64.rpm
5fbe68962ebdb338f7f2dd642af2e2c5 x86_64/10.1/RPMS/lib64clamav1-0.88-0.1.101mdk.x86_64.rpm
588f38077ecc9334d87bc32d55d19693 x86_64/10.1/RPMS/lib64clamav1-devel-0.88-0.1.101mdk.x86_64.rpm
70ca1d9a3498e82d89d1d8a5ef7386f6 x86_64/10.1/SRPMS/clamav-0.88-0.1.101mdk.src.rpm

    Corporate Server 3.0

    83adb159a2d4529422cc13d5946ba755 corporate/3.0/RPMS/clamav-0.88-0.1.C30mdk.i586.rpm
cc58276368f5eb263516a55376cb1d4d corporate/3.0/RPMS/clamav-db-0.88-0.1.C30mdk.i586.rpm
ebda4c6c4e070ae0b02327f64ce5f8c1 corporate/3.0/RPMS/clamav-milter-0.88-0.1.C30mdk.i586.rpm
2343c8e3cb71f9c1f94a04ea153df0b0 corporate/3.0/RPMS/clamd-0.88-0.1.C30mdk.i586.rpm
9b9516676a908e9706070f924d127241 corporate/3.0/RPMS/libclamav1-0.88-0.1.C30mdk.i586.rpm
66c4f79955843bb0dab60021eeda4b89 corporate/3.0/RPMS/libclamav1-devel-0.88-0.1.C30mdk.i586.rpm
e670f8e1032dd9cbf38479f5bc695730 corporate/3.0/SRPMS/clamav-0.88-0.1.C30mdk.src.rpm

    Corporate Server 3.0/X86_64

    cb622db3837b0019ee05fab5b93b3a73 x86_64/corporate/3.0/RPMS/clamav-0.88-0.1.C30mdk.x86_64.rpm
e35b47f2bb233a6a63da9111f33d34b1 x86_64/corporate/3.0/RPMS/clamav-db-0.88-0.1.C30mdk.x86_64.rpm
0bd8f3b55cdf12eb23e1450a116f42d1 x86_64/corporate/3.0/RPMS/clamav-milter-0.88-0.1.C30mdk.x86_64.rpm
c03051f1e521db11b0604ed123caaa24 x86_64/corporate/3.0/RPMS/clamd-0.88-0.1.C30mdk.x86_64.rpm
d9ad3e9cf881de0185cf58ae80c89391 x86_64/corporate/3.0/RPMS/lib64clamav1-0.88-0.1.C30mdk.x86_64.rpm
0148db41a8e5724cd229ea866b7037ad x86_64/corporate/3.0/RPMS/lib64clamav1-devel-0.88-0.1.C30mdk.x86_64.rpm
e670f8e1032dd9cbf38479f5bc695730 x86_64/corporate/3.0/SRPMS/clamav-0.88-0.1.C30mdk.src.rpm

    Mandrivalinux LE2005

    d2cf2ff410e827248183514a3d28bbee 10.2/RPMS/clamav-0.88-0.1.102mdk.i586.rpm
c6dc409a0ca4464c89fea392773afc2a 10.2/RPMS/clamav-db-0.88-0.1.102mdk.i586.rpm
c3f0b3ca067b4ed9cef80a9a3235b584 10.2/RPMS/clamav-milter-0.88-0.1.102mdk.i586.rpm
1c8c9376e21ae2ffe69d2a932a84b1d6 10.2/RPMS/clamd-0.88-0.1.102mdk.i586.rpm
513f0a8e2f11b87c8aa53bcb73c442af 10.2/RPMS/libclamav1-0.88-0.1.102mdk.i586.rpm
0add915e8292b4103a1a70a8024a9c14 10.2/RPMS/libclamav1-devel-0.88-0.1.102mdk.i586.rpm
e7b233b0e93148483eaddc13fb2c08ca 10.2/SRPMS/clamav-0.88-0.1.102mdk.src.rpm

    Mandrivalinux LE2005/X86_64

    95f3d51d9161e8ce768d539fb09bf61e x86_64/10.2/RPMS/clamav-0.88-0.1.102mdk.x86_64.rpm
32d954251997dfe4c6a90b47c1afc043 x86_64/10.2/RPMS/clamav-db-0.88-0.1.102mdk.x86_64.rpm
d65805c70d7610d8c8c4398e061263a2 x86_64/10.2/RPMS/clamav-milter-0.88-0.1.102mdk.x86_64.rpm
435700e77ca28dc666e192e7478f7d2e x86_64/10.2/RPMS/clamd-0.88-0.1.102mdk.x86_64.rpm
511343643497d4b9766b57fe8f04273e x86_64/10.2/RPMS/lib64clamav1-0.88-0.1.102mdk.x86_64.rpm
d0eed7f044d7e8a7f4db533af5fe9ad9 x86_64/10.2/RPMS/lib64clamav1-devel-0.88-0.1.102mdk.x86_64.rpm
e7b233b0e93148483eaddc13fb2c08ca x86_64/10.2/SRPMS/clamav-0.88-0.1.102mdk.src.rpm

    Mandrivalinux 2006

    56058f4cd26122cea69427cc67865c87 2006.0/RPMS/clamav-0.88-0.1.20060mdk.i586.rpm
fc2da08ef403505d405c27ecf7e70906 2006.0/RPMS/clamav-db-0.88-0.1.20060mdk.i586.rpm
bc9b7175371d7e79dd24eb4eae959963 2006.0/RPMS/clamav-milter-0.88-0.1.20060mdk.i586.rpm
33c61bd443c38a580d0951cce4fd0fc4 2006.0/RPMS/clamd-0.88-0.1.20060mdk.i586.rpm
52ac84d0d82955075917b5d1746f3c89 2006.0/RPMS/libclamav1-0.88-0.1.20060mdk.i586.rpm
17b683eff95867f061c337a5a5ddfc98 2006.0/RPMS/libclamav1-devel-0.88-0.1.20060mdk.i586.rpm
6b9450ddd32e67b51b6210c881c4ee57 2006.0/SRPMS/clamav-0.88-0.1.20060mdk.src.rpm

    Mandrivalinux 2006/X86_64

    9f8c4d9df419f07e9b77805cc44def6d x86_64/2006.0/RPMS/clamav-0.88-0.1.20060mdk.x86_64.rpm
052b2bce512f66ae755ca5c546e617e2 x86_64/2006.0/RPMS/clamav-db-0.88-0.1.20060mdk.x86_64.rpm
7baabc483eb84d4aa57d4eab4780e0d6 x86_64/2006.0/RPMS/clamav-milter-0.88-0.1.20060mdk.x86_64.rpm
7dedeeafe3bb5d61787d8d580cf47a10 x86_64/2006.0/RPMS/clamd-0.88-0.1.20060mdk.x86_64.rpm
ab4d8c33215c6937e78d817b24a411e7 x86_64/2006.0/RPMS/lib64clamav1-0.88-0.1.20060mdk.x86_64.rpm
dcd8465544b9e49d81788220d166c128 x86_64/2006.0/RPMS/lib64clamav1-devel-0.88-0.1.20060mdk.x86_64.rpm
6b9450ddd32e67b51b6210c881c4ee57 x86_64/2006.0/SRPMS/clamav-0.88-0.1.20060mdk.src.rpm

  4. Apéndices

    http://wwwnew.mandriva.com/security/advisories-name=MDKSA-2006:016
    http://www.seguridad.unam.mx/vulnerabilidadesDB-vulne=5008

La Coordinación de Seguridad de la Información/UNAM-CERT agradece el apoyo en la elaboración ó traducción y revisión de éste Documento a:

  • Floriberto López Velázquez (flopez at seguridad dot unam dot mx)

UNAM-CERT
Equipo de Respuesta a Incidentes UNAM
Coordinación de Seguridad de la Información

incidentes at seguridad.unam.mx
phishing at seguridad.unam.mx
http://www.cert.org.mx
http://www.seguridad.unam.mx
ftp://ftp.seguridad.unam.mx
Tel: 56 22 81 69
Fax: 56 22 80 47

Universidad Nacional Autonoma de México Aviso legal |  Créditos |  Staff |  Administración
Copyright © Todos los derechos reservados
UNAM - CERT