ClamAV: Buffer overflow in Freshclam — GLSA 200605-03

Freshclam is vulnerable to a buffer overflow that could lead to execution of arbitrary code.

Affected Packages

app-antivirus/clamav on all architectures
Affected versions < 0.88.2
Unaffected versions >= 0.88.2

Background

ClamAV is a GPL virus scanner. Freshclam is a utility to download virus signature updates.

Description

Ulf Harnhammar and an anonymous German researcher discovered that Freshclam fails to check the size of the header data returned by a webserver.

Impact

By enticing a user to connect to a malicious webserver an attacker could cause the execution of arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All ClamAV users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.88.2"

References

Release Date
May 02, 2006

Latest Revision
May 02, 2006: 01

Severity
normal

Exploitable
remote

Bugzilla entries