安全研究
安全漏洞
ClamAV多个整数溢出漏洞
发布日期:2005-08-16
更新日期:2005-08-17
受影响系统:
ClamAV ClamAV < 0.86.2不受影响系统:
ClamAV ClamAV 0.86.2描述:
BUGTRAQ ID: 14359
CVE(CAN) ID: CVE-2005-2450
Clam AntiVirus是Unix的GPL杀毒工具包,很多邮件网关产品都在使用。
ClamAV中存在多个整数溢出漏洞。如果ClamAV病毒库处理了畸形的TNEF、CHM和FSG格式文件的话,攻击者就可以控制执行流,执行攻击者所提供的代码。
<*来源:Neel Mehta
Alex Wheeler
链接:http://www.debian.org/security/2005/dsa-776
http://security.gentoo.org/glsa/glsa-200507-25.xml
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-776-1)以及相应补丁:
DSA-776-1:New clamav packages fix several problems
链接:http://www.debian.org/security/2005/dsa-776
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2.dsc
Size/MD5 checksum: 872 a5d90ac557b114453e0935d95bca8e17
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2.diff.gz
Size/MD5 checksum: 169363 b12ac60c0652f68db9116aad830cde7f
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84.orig.tar.gz
Size/MD5 checksum: 4006624 c43213da01d510faf117daa9a4d5326c
Architecture independent components:
http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.84-2.sarge.2_all.deb
Size/MD5 checksum: 154106 03b1f4f5addba27a157b0a6676555ff8
http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.84-2.sarge.2_all.deb
Size/MD5 checksum: 689748 84683f319f4c9a8f7e4d1d77d747396c
http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.84-2.sarge.2_all.deb
Size/MD5 checksum: 123118 58fea3ad4fcc2611f69af0f2ba455af8
Alpha architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_alpha.deb
Size/MD5 checksum: 74676 3f1d00637a7028c7012c3fe51e1383f4
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_alpha.deb
Size/MD5 checksum: 48782 937bbc75d644b6c7a2e0ec7b5daa5bf6
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_alpha.deb
Size/MD5 checksum: 2176324 0e6a0ae9d5ec4b68ed0e8bc688bbfb68
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_alpha.deb
Size/MD5 checksum: 42116 bdc3ae3b34c0a9be2eb8621cc3177676
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_alpha.deb
Size/MD5 checksum: 254548 5db908c37914f6fd06b2f3d689de0b81
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_alpha.deb
Size/MD5 checksum: 283680 1e88b3d96000f0a1c5cf8a2cd0aad493
AMD64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_amd64.deb
Size/MD5 checksum: 68866 07f764af8962cda289e92a0f7ca2d81a
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_amd64.deb
Size/MD5 checksum: 44182 8d7dbb6148610b78c81ce135dbf9c7f8
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_amd64.deb
Size/MD5 checksum: 2173198 615c7b237d3a4993550955e00e605135
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_amd64.deb
Size/MD5 checksum: 40010 6941c36e7db2e48dc78f0a97e1b83aed
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_amd64.deb
Size/MD5 checksum: 175358 ce3229e6277efe07443593432d194e8b
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_amd64.deb
Size/MD5 checksum: 257690 c590d1a69e5899e75ef907d55ee2510a
ARM architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_arm.deb
Size/MD5 checksum: 63820 5871903c9f4789757ca2dda256a29197
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_arm.deb
Size/MD5 checksum: 39504 bb7f439e8c7e0c7345ac37e537bb1db1
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_arm.deb
Size/MD5 checksum: 2171180 a13279483c8265842b3b1e8641814fd5
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_arm.deb
Size/MD5 checksum: 37302 b1400e02bbf2889e0befd15012ca1699
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_arm.deb
Size/MD5 checksum: 173514 a063023f5ad8e3d21896f21782f05be7
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_arm.deb
Size/MD5 checksum: 248174 7e084d71255c9924a90ab7956ae55ff7
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_i386.deb
Size/MD5 checksum: 65140 ecebd43707069c8ef8f5ba3c4e007d23
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_i386.deb
Size/MD5 checksum: 40202 d9ab0e02273c9fff0d4f73ed3ec73215
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_i386.deb
Size/MD5 checksum: 2171494 d2fc4550ac66059e286497b2b9c17ffe
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_i386.deb
Size/MD5 checksum: 38024 65657d68687180b74819de783d0098b4
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_i386.deb
Size/MD5 checksum: 158552 e8143195d0a7d26a282a13a8a298e263
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_i386.deb
Size/MD5 checksum: 252400 3c2b9d3e379c0c5763f7d8a4162ac1a6
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_ia64.deb
Size/MD5 checksum: 81732 b010b8ca29e256a80f43fabd673f9d26
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_ia64.deb
Size/MD5 checksum: 55098 e9ede8cecf6440b9c18620c82ed017f4
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_ia64.deb
Size/MD5 checksum: 2180096 ae09fef9a1569fe07f77209e1e3bda70
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_ia64.deb
Size/MD5 checksum: 49202 db0e453890631c462b76c79526034afb
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_ia64.deb
Size/MD5 checksum: 250438 430797b7c58289c263aa0b3e0b4dbc7f
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_ia64.deb
Size/MD5 checksum: 315662 3261606911205a42adaa885a4cce1b0e
HP Precision architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_hppa.deb
Size/MD5 checksum: 68188 28b4f3e57c32ff42e1609de48f5a4e44
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_hppa.deb
Size/MD5 checksum: 43232 0204bc7cb2dc0e22b0de6fcac5d7d56d
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_hppa.deb
Size/MD5 checksum: 2173632 bce3329a057c47e0e5d237fab515ae23
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_hppa.deb
Size/MD5 checksum: 39456 6c75ce7b7ea86db1e0c6da64da1f95ff
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_hppa.deb
Size/MD5 checksum: 201268 e101e3b0ff335ee434bc79744d28dae3
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_hppa.deb
Size/MD5 checksum: 281626 689202601c916ae9e2da20e7bca6c7a3
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_m68k.deb
Size/MD5 checksum: 62454 ff013452d8ad7bc594236ad4612e7314
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_m68k.deb
Size/MD5 checksum: 38070 0a20559664e319e5f8877d2122fa149d
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_m68k.deb
Size/MD5 checksum: 2170456 b2cc40301a092d987de075c37fc4f271
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_m68k.deb
Size/MD5 checksum: 35066 5b7b62906971f1f06d1e8006598de8ca
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_m68k.deb
Size/MD5 checksum: 145404 47f7a24305acd5201509e3f1d2ca4ceb
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_m68k.deb
Size/MD5 checksum: 248852 21681bb560a4036cc8550cf128e0c8f7
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_mips.deb
Size/MD5 checksum: 67862 97a3b0443ee81ea46597039bbe2dc182
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_mips.deb
Size/MD5 checksum: 43678 f6a8c79489fb6ba605b57058b72226da
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_mips.deb
Size/MD5 checksum: 2172976 2969543db5ee78197b4b836c9d78d371
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_mips.deb
Size/MD5 checksum: 37676 a4a7297f5e3fc3bfc1492bd26f97a788
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_mips.deb
Size/MD5 checksum: 194322 cc37bcbd31388e6f562c54e142d13ac0
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_mips.deb
Size/MD5 checksum: 255894 3ea583ce7f2505142e194b703d1ca942
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_mipsel.deb
Size/MD5 checksum: 67488 a21ff89942ffbadfa4e689cdb1909866
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_mipsel.deb
Size/MD5 checksum: 43488 01e504336acf95fcc1b0ee8944f4878a
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_mipsel.deb
Size/MD5 checksum: 2172936 02a85640ed6e25f8941bee026350e243
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_mipsel.deb
Size/MD5 checksum: 37962 6ea7d7fdf1107411c7dbde7c1a42653b
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_mipsel.deb
Size/MD5 checksum: 190668 b889c22d131758864a4879b5cb7348ec
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_mipsel.deb
Size/MD5 checksum: 253402 f574c054c397f0260667e745775815cc
PowerPC architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_powerpc.deb
Size/MD5 checksum: 69232 c93efea8ad9bfc150702ab8ff3263bf5
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_powerpc.deb
Size/MD5 checksum: 44574 89e9935711c574c4034626d865908f8e
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_powerpc.deb
Size/MD5 checksum: 2173542 48fe9cda367a7cc27f92d85d92b41039
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_powerpc.deb
Size/MD5 checksum: 38874 8a2bb630dbb823a6ff17215e1f0af758
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_powerpc.deb
Size/MD5 checksum: 186630 bdc7b36545911ed04ec782d58b227efb
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_powerpc.deb
Size/MD5 checksum: 263034 66b57b4acafa6e429c02794885c48e60
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_s390.deb
Size/MD5 checksum: 67778 590e6c18c9d02596f49d64b4611eb54e
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_s390.deb
Size/MD5 checksum: 43430 c096db0fd3865f26623d7885effd6751
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_s390.deb
Size/MD5 checksum: 2172874 7fc9489259f2e4fb14b34322f191b79c
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_s390.deb
Size/MD5 checksum: 38944 25af940b6ce231410cc82c4a818e0f5b
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_s390.deb
Size/MD5 checksum: 181600 80fb485a2ef322a9b2e42b261688e4d7
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_s390.deb
Size/MD5 checksum: 267588 d194c77d7317c1b716ff44edaf6ccb65
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.2_sparc.deb
Size/MD5 checksum: 64324 a26a1f0208c60f37a85ff6e120dab86c
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.2_sparc.deb
Size/MD5 checksum: 39392 bc8760a6e2ae4737260682f513242afd
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.2_sparc.deb
Size/MD5 checksum: 2171058 47adaeb9cfab1857a6d24476e5bd792b
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.2_sparc.deb
Size/MD5 checksum: 36854 356607cd1e092378da0471c6dd6fcfa1
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.2_sparc.deb
Size/MD5 checksum: 174914 be5710250858efd4181ac13f9febd723
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.2_sparc.deb
Size/MD5 checksum: 263320 828259b0260780173ffd0514b39fe0ba
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
Gentoo
------
Gentoo已经为此发布了一个安全公告(GLSA-200507-25)以及相应补丁:
GLSA-200507-25:Clam AntiVirus: Integer overflows
链接:http://security.gentoo.org/glsa/glsa-200507-25.xml
所有Clam AntiVirus用户都应升级到最新版本:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.86.2"
ClamAV
------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://prdownloads.sourceforge.net/clamav/clamav-0.86.2.tar.gz?download
浏览次数:2878
严重程度:0(网友投票)
绿盟科技给您安全的保障