Package: clamav
Version: 0.90.1-3etch7
Severity: critical
Tags: security

Two new CVEs for clamav:

Name: CVE-2007-6595
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6595
Reference: BUGTRAQ:20071229 TK53 Advisory #2: Multiple vulnerabilities in ClamAV
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/485631/100/0/threaded
Reference: BID:27064
Reference: URL:http://www.securityfocus.com/bid/27064
 
 ClamAV 0.92 allows local users to overwrite arbitrary files via a
 symlink attack on (1) temporary files in the cli_gentempfd function in
 libclamav/others.c or on (2) .ascii files in sigtool, when
 utf16-decode is enabled.

Name: CVE-2007-6596
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6596
Reference: BUGTRAQ:20071229 TK53 Advisory #2: Multiple vulnerabilities in ClamAV
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/485631/100/0/threaded
Reference: BID:27064
Reference: URL:http://www.securityfocus.com/bid/27064

 ClamAV 0.92 does not recognize Base64 UUEncoded archives, which allows
 remote attackers to bypass the scanner via a Base64-UUEncoded file.


I'd say ignore CVE-2007-6596, as clamav also doesn't recognise
insert-random-proprietary-encoding-here either, so it's not really a
valid issue (imo).

Tags for versions are:
CVE-2007-6595 isn't relevant for sarge, and only part (2) is in etch.
Lenny/sid affected fully.
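As an added illustration of the temp-file half of CVE-2007-6595 (example code written for this page, not ClamAV's cli_gentempfd and not part of the report): the predictable-name open that a pre-planted symlink redirects, beside the O_EXCL / mkstemp() pattern that refuses it. The scratch directory, file names and "victim" content are constructed for the demo.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak pattern: predictable name, O_CREAT without O_EXCL. If a symlink was
   planted at `path` beforehand, open() follows it and truncates the target. */
static int open_temp_predictable(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
}

/* Hardened pattern: O_EXCL makes creation atomic and refuses any pre-existing
   path, a symlink included (EEXIST); O_NOFOLLOW is defence in depth. */
static int open_temp_exclusive(const char *path) {
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Demonstration in a private scratch directory: plant a symlink at a
   predictable temp name pointing at a "victim" file, then run both patterns.
   Returns a bitmask: bit 0 = weak open truncated the victim through the link,
   bit 1 = exclusive open refused the planted link, bit 2 = mkstemp() (which
   uses O_CREAT|O_EXCL internally) still produced a fresh file. Expected: 7. */
int demo_symlink_tempfile(void) {
    char dir[] = "/tmp/tmpdemo.XXXXXX";                 /* constructed path */
    if (mkdtemp(dir) == NULL) return -1;
    char victim[64], link[64], tmpl[64];
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(link, sizeof link, "%s/work.tmp", dir);     /* predictable name */
    snprintf(tmpl, sizeof tmpl, "%s/work.XXXXXX", dir);
    int fd = open(victim, O_WRONLY | O_CREAT, 0600);
    if (fd < 0 || write(fd, "secret", 6) != 6) return -1;
    close(fd);
    if (symlink(victim, link) != 0) return -1;            /* the planted link */
    int result = 0;
    struct stat st;
    if ((fd = open_temp_predictable(link)) >= 0) close(fd);
    if (stat(victim, &st) == 0 && st.st_size == 0) result |= 1;
    fd = open_temp_exclusive(link);
    if (fd < 0 && (errno == EEXIST || errno == ELOOP)) result |= 2;
    else if (fd >= 0) close(fd);
    if ((fd = mkstemp(tmpl)) >= 0) { result |= 4; close(fd); unlink(tmpl); }
    unlink(link); unlink(victim); rmdir(dir);
    return result;
}
```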


