SECUNIA ADVISORY ID: SA23347
VERIFY ADVISORY: http://secunia.com/advisories/23347/
CRITICAL: Moderately critical
IMPACT: DoS
SOFTWARE: Clam AntiVirus (clamav) 0.x - http://secunia.com/product/2538/
DESCRIPTION: Hendrik Weimer has reported a vulnerability in Clam AntiVirus, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a stack overflow when scanning messages with deeply nested multipart content. This can be exploited to crash the service by sending specially crafted emails to a vulnerable system. The vulnerability is reported in versions prior to 0.88.7.
SOLUTION: Update to version 0.88.7.
PROVIDED AND/OR DISCOVERED BY: Hendrik Weimer
ORIGINAL ADVISORY: http://www.quantenblog.net/security/virus-scanner-bypass
Clam AntiVirus Multipart Nestings Denial of ServicePosted on Wednesday, December 13, 2006 @ 00:57:03 UTC in Security |
Related
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
