ClamAV LZH File Unpacking Denial Of Service Vulnerability (Linux) Network Vulnerability

Summary

The host is installed with ClamAV and is prone to Denial of Service Vulnerability.

Impact

Attackers can exploit this issue to execute arbitrary code in the context of affected application, and can cause denial of service. Impact Level: Application

Solution

Upgrade to ClamAV 0.94 or later http://www.clamav.net/download

Insight

A segmentation fault ocurs in the unpack feature,while processing malicious LZH file.

Affected

ClamAV 0.93.3 and prior on Linux.

References

http://osvdb.org/51963
http://www.ivizsecurity.com/security-advisory-iviz-sr-08011.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-6845

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Denial Of Service Vulnerability in PHP April-09
Apple Safari Nested 'object' Tag Remote Denial Of Service vulnerability
Comodo Internet Security Denial of Service Vulnerability-05
ClamAV 'cli_pdf()' and 'cli_scanicon()' Denial of Service Vulnerabilities (Win
F-PROT AV 'ELF' Header Denial of Service Vulnerability

ClamAV LZH File Unpacking Denial of Service Vulnerability (Linux)

Take action and discover your vulnerabilities