Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2008.0731 -- [Debian] new clamav packages fix denial of service 28 July 2008 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: clamav Publisher: Debian Operating System: Debian GNU/Linux 4.0 Impact: Denial of Service Access: Remote/Unauthenticated CVE Names: CVE-2008-2713 Ref: AA-2008.0139 Original Bulletin: http://www.debian.org/security/2008/dsa-1616 Revision History: July 28 2008: An error in the patch has been fixed July 25 2008: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-1616-2 security@debian.org http://www.debian.org/security/ Devin Carraway July 26, 2008 http://www.debian.org/security/faq - - ------------------------------------------------------------------------ Package : clamav Vulnerability : denial of service Problem type : remote Debian-specific: no CVE Id(s) : CVE-2008-2713 Debian Bug : 490925 This update corrects a packaging and build error in the packages released in DSA-1616-1. Those packages, while functional, did not actually apply the fix intended. This update restores the fix to the package build; no other changes are introduced. For reference, the text of the original advisory follows. Damian Put discovered a vulnerability in the ClamAV anti-virus toolkit's parsing of Petite-packed Win32 executables. The weakness leads to an invalid memory access, and could enable an attacker to crash clamav by supplying a maliciously crafted Petite-compressed binary for scanning. In some configurations, such as when clamav is used in combination with mail servers, this could cause a system to "fail open," facilitating a follow-on viral attack. The Common Vulnerabilities and Exposures project identifies this weakness as CVE-2008-2713. For the stable distribution (etch), this problem has been fixed in version 0.90.1dfsg-3.1+etch14. For the unstable distribution (sid), the problem has been fixed in version 0.93.1.dfsg-1.1. We recommend that you upgrade your clamav packages. Upgrade instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 4.0 alias etch - - ------------------------------- Debian (stable) - - --------------- Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. Source archives: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg.orig.tar.gz Size/MD5 checksum: 11610428 6dc18602b0aa653924d47316f9411e49 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14.diff.gz Size/MD5 checksum: 212774 199de1c758a33edf439dde87ae569bac http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14.dsc Size/MD5 checksum: 906 71a4fbac6552c6a24d1a0e2c4ca1c7da Architecture independent packages: http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.90.1dfsg-3.1+etch14_all.deb Size/MD5 checksum: 1006914 a5feccd106ffa258beae4901d25db623 http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.90.1dfsg-3.1+etch14_all.deb Size/MD5 checksum: 158430 bbc7804704709ae18176c737c0b134e9 http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.90.1dfsg-3.1+etch14_all.deb Size/MD5 checksum: 201298 868f961ab7554df5417736f335aa488d alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-3.1+etch14_alpha.deb Size/MD5 checksum: 182644 8e84fae267fb377cabf7317d2f44c692 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-3.1+etch14_alpha.deb Size/MD5 checksum: 9305178 b750c3292f0e7d1cdb56238683571734 http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-3.1+etch14_alpha.deb Size/MD5 checksum: 597516 fc362f29653a1f7b4502ad194b67b847 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14_alpha.deb Size/MD5 checksum: 862222 7efe4391739d6a09c405b18d29f3044a http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-3.1+etch14_alpha.deb Size/MD5 checksum: 465260 b63d35f63e5aaf44156887abd1d1459e http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-3.1+etch14_alpha.deb Size/MD5 checksum: 372814 60af231db0dff0eaff0a672263dfcd7d http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-3.1+etch14_alpha.deb Size/MD5 checksum: 180822 e63e83fef5fecfe72af5ec219de783b0 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-3.1+etch14_amd64.deb Size/MD5 checksum: 341534 6c0bc2832930b33660a112bf19935a83 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14_amd64.deb Size/MD5 checksum: 857172 a48f0ceee8dfcc931f644c8ce1e6f538 http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-3.1+etch14_amd64.deb Size/MD5 checksum: 177770 4207030fd20cca2180859ec443f0a0f1 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-3.1+etch14_amd64.deb Size/MD5 checksum: 178482 03f5be30b79ef71176f6ae719401f436 http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-3.1+etch14_amd64.deb Size/MD5 checksum: 594702 3abad9e4419716ab642f8c017559bb6a http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-3.1+etch14_amd64.deb Size/MD5 checksum: 9301618 1bcd0de2457edd37d6ffc3b0903696b1 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-3.1+etch14_amd64.deb Size/MD5 checksum: 355674 0ae17bf7e335891cdbeeb4b60be92632 arm architecture (ARM) http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-3.1+etch14_arm.deb Size/MD5 checksum: 171748 3ed60880f21579874b4ad6a9e015f68a http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-3.1+etch14_arm.deb Size/MD5 checksum: 9299608 7e9e3f4609257394f40b2d6857474064 http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-3.1+etch14_arm.deb Size/MD5 checksum: 335664 db92882e9aa7b6ca64da3cf9891449d2 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14_arm.deb Size/MD5 checksum: 853812 c38d6afa529c6436676e53ccba32ec2f http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-3.1+etch14_arm.deb Size/MD5 checksum: 336382 644bcae8f4c896753dad02f1b2009d1a http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-3.1+etch14_arm.deb Size/MD5 checksum: 175872 10d4176f16d8be11a06b6146c7779109 http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-3.1+etch14_arm.deb Size/MD5 checksum: 554138 95ffde3c2906b6841b27434853f079f2 hppa architecture (HP PA RISC) http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-3.1+etch14_hppa.deb Size/MD5 checksum: 178090 8991c9cc08ee36c63edf94008acfa594 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-3.1+etch14_hppa.deb Size/MD5 checksum: 9303416 4bc7ace973a6d7b38a8b51f61c85aefb http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-3.1+etch14_hppa.deb Size/MD5 checksum: 572296 49cc89497b0f53af36fe674baf3137b5 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14_hppa.deb Size/MD5 checksum: 856748 f55ee39b6d74332e7445052c40dfdb03 http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-3.1+etch14_hppa.deb Size/MD5 checksum: 177814 8909ac03518b4a5f3c32e64ca1788dc1 http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-3.1+etch14_hppa.deb Size/MD5 checksum: 372458 07afbcca403412e6d15d605084fe5dc9 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-3.1+etch14_hppa.deb Size/MD5 checksum: 396254 4af9d29063c5d7e69c4ab9f338c0394c i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-3.1+etch14_i386.deb Size/MD5 checksum: 175282 424fa862dad29ea379904129391e41d1 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-3.1+etch14_i386.deb Size/MD5 checksum: 338196 cf2864c712dfbfc8b69c9b1273175fb3 http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-3.1+etch14_i386.deb Size/MD5 checksum: 175836 090d742a6210c51592fe1ecc280c8b39 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14_i386.deb Size/MD5 checksum: 853006 1533b5f937508351cebf4fea531d06a5 http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-3.1+etch14_i386.deb Size/MD5 checksum: 559576 7617c8c357f9f6e3727dedc3df01663e http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-3.1+etch14_i386.deb Size/MD5 checksum: 339726 e90b7aca9c23b8f7806db6140585b753 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-3.1+etch14_i386.deb Size/MD5 checksum: 9299954 ed782c4d674b7dabc492a81c886be34c ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-3.1+etch14_ia64.deb Size/MD5 checksum: 9315878 7e185a585d7847067b2b8ab671f0c2dc http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14_ia64.deb Size/MD5 checksum: 879008 930ead56956e3b853a9ac95f321451fd http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-3.1+etch14_ia64.deb Size/MD5 checksum: 427704 a9b75983eef41d65d0a55fc4e60465bc http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-3.1+etch14_ia64.deb Size/MD5 checksum: 192526 559aecb601fea34925ad47915c835475 http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-3.1+etch14_ia64.deb Size/MD5 checksum: 610678 6f56f8a76b88dde718029ce0e8c3eb07 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-3.1+etch14_ia64.deb Size/MD5 checksum: 465838 8f8cb866007dbec4079c77ea6bac0319 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-3.1+etch14_ia64.deb Size/MD5 checksum: 202260 36c874543c4b57ccf087701b9afcbf43 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-3.1+etch14_mips.deb Size/MD5 checksum: 9301614 51ef706f4e02abf651bb5f204d78cb25 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-3.1+etch14_mips.deb Size/MD5 checksum: 179662 91c4d43018b2578afcfa691a362766fd http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14_mips.deb Size/MD5 checksum: 855158 0d1392dbda84cfc0ddb85980f691efc4 http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-3.1+etch14_mips.deb Size/MD5 checksum: 343444 0566593cd104727051462bdfca0a737f http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-3.1+etch14_mips.deb Size/MD5 checksum: 599850 2c32b41dc36d46c2284a059246bc81e8 http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-3.1+etch14_mips.deb Size/MD5 checksum: 175536 535b43fc2080b1e154f5fbc45067e102 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-3.1+etch14_mips.deb Size/MD5 checksum: 398480 a034805b291260d2c65071cd9019e762 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14_mipsel.deb Size/MD5 checksum: 855196 fe395546187d33676b2e52d8ae6311c7 http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-3.1+etch14_mipsel.deb Size/MD5 checksum: 176512 fffe8e028d63a4d60d09fe2fa779ad09 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-3.1+etch14_mipsel.deb Size/MD5 checksum: 389714 8baf3767f9c032cbb8d41ae765a04129 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-3.1+etch14_mipsel.deb Size/MD5 checksum: 9302090 64a4984f8215b36ec199bd62ce43e5e1 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-3.1+etch14_mipsel.deb Size/MD5 checksum: 180540 86cb92398f1de1d910e99f2c8dafaef5 http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-3.1+etch14_mipsel.deb Size/MD5 checksum: 590596 80bc2c27892e72164d4e2979ef7c9a8c http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-3.1+etch14_mipsel.deb Size/MD5 checksum: 336880 a64b54f0c011823596e81f676ec30535 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-3.1+etch14_powerpc.deb Size/MD5 checksum: 176940 d165050c2dda9b0c04173a600670dc60 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-3.1+etch14_powerpc.deb Size/MD5 checksum: 9302922 4ce517ac4194aee7413166bc5e3a3c55 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-3.1+etch14_powerpc.deb Size/MD5 checksum: 372472 304f0d7daf701aeb080c57e803614bdd http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-3.1+etch14_powerpc.deb Size/MD5 checksum: 590982 79f675fd08cdef59591b73ddb756b57d http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14_powerpc.deb Size/MD5 checksum: 857860 499b3df5f4a3a75219cae4fcbe7de74d http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-3.1+etch14_powerpc.deb Size/MD5 checksum: 350472 790d98cebecfcf302578f259d3db4944 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-3.1+etch14_powerpc.deb Size/MD5 checksum: 182340 4bc61a48fc1cba04e41fbfcee0e6153f s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14_s390.deb Size/MD5 checksum: 855798 c48dfd49d40a99a8e6a422e7c4d57958 http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-3.1+etch14_s390.deb Size/MD5 checksum: 581570 8e91584fcd401c6aa4fd423fc66c5804 http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-3.1+etch14_s390.deb Size/MD5 checksum: 177732 37fb6afe5c9b497d7807d7ba9de7c60e http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-3.1+etch14_s390.deb Size/MD5 checksum: 370092 2bf800750709e2a85ab0c8d20120dd35 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-3.1+etch14_s390.deb Size/MD5 checksum: 9301540 a7faa325d0520f0e3fa6cb6388817354 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-3.1+etch14_s390.deb Size/MD5 checksum: 176904 49de4354abb82882b316c7eaa951f634 http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-3.1+etch14_s390.deb Size/MD5 checksum: 361538 041f98e36b075c2124a13ca7d821ec27 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1dfsg-3.1+etch14_sparc.deb Size/MD5 checksum: 851954 84e5342b68218f68c4f9098d6854a812 http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1dfsg-3.1+etch14_sparc.deb Size/MD5 checksum: 349302 2ac1912b054a77725c26e1126cef9396 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1dfsg-3.1+etch14_sparc.deb Size/MD5 checksum: 357818 d3d49289c7448b2ab8144519fb09d2dc http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1dfsg-3.1+etch14_sparc.deb Size/MD5 checksum: 540964 902c896aea414d26ba171f24ebf7f9d7 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1dfsg-3.1+etch14_sparc.deb Size/MD5 checksum: 9299278 4a00f95c77563140ea860f62d49feb9c http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1dfsg-3.1+etch14_sparc.deb Size/MD5 checksum: 174636 b72067dd6e27fcefe97ace2a0911f05c http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1dfsg-3.1+etch14_sparc.deb Size/MD5 checksum: 172690 d6fa013c61cc962447de1c4f85c78927 These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIiqrmU5XKDemr/NIRAoLWAJwPrE4DuB4Pzu2Nqy8VwHQAp6X1ggCffak6 7YkaoDQuhWSw2Xc12CA2xZs= =VW7q - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQCVAwUBSI0F/ih9+71yA2DNAQJNjQQAiizAdWCzSqwheomz0A+aZKAdnq4YXmuK dDr+ScvRSKpzdtu5l12uvkRq3D/qOIPzntXNmrP6y3k4FCWIz6vC6cqkvBK73Qit pbgw++QDSPJUh+l4KJMFP5Q/aZlLHBTjVsYPmqTiNnkoVlvgPiI2MzxYwwnjj/Qp tKLX11id1Fw= =NfXq -----END PGP SIGNATURE-----