
Thread: Kolab Security Issue 13 20061019 (clamav)




Kolab Security Issue 13 20061019 (clamav)
user name
2006-10-19 15:27:50
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Kolab Security Issue 13 20061019
================================

Package:              Kolab Server, ClamAV
Vulnerability:        heap overflow, remotely exploitable (CVE-2006-4182),
                      denial of service, remotely exploitable (CVE-2006-5295)
Kolab Specific:       no
Dependent Packages:   none


Summary
~~~~~~~

CVE-2006-4182

    Damian Put discovered a heap overflow error in the script to rebuild
    PE files, which could lead to the execution of arbitrary code.

CVE-2006-5295

    Damian Put discovered that missing input sanitising in the CHM
    handling code might lead to denial of service.


Affected Versions
~~~~~~~~~~~~~~~~~

This affects versions of ClamAV up to version 0.88.4.
Kolab Server 2.0.4 and Kolab Server 2.1beta2 are vulnerable.
Previous releases are affected.


Fix
~~~

Upgrade to ClamAV 0.88.5.

The ClamAV source RPM is available from the Kolab download mirrors as:
security-updates/20061019/clamav-0.88.5-2.20061018.src.rpm

A binary RPM for Kolab Server 2.0.4 (ix86 Debian GNU/Linux Sarge) is
available:
security-updates/20061019/clamav-0.88.5-2.20061018.ix86-debian3.1-kolab.rpm

All other Server versions: Please build from the src.rpm.


The mirrors are listed on http://kolab.org/mirrors.html
While the mirrors are catching up, you can also get the package via rsync:
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/security-updates/20061019/clamav-0.88.5-2.20061018.src.rpm .
# rsync -tvP rsync://rsync.kolab.org/kolab/server/security-updates/security-updates/20061019/clamav-0.88.5-2.20061018.ix86-debian3.1-kolab.rpm .

MD5 sums:
d449d8970698e3bd3dd30eac7a1e4579  clamav-0.88.5-2.20061018.src.rpm
4c819dcaffe3602a927965115ff328d5  clamav-0.88.5-2.20061018.ix86-debian3.1-kolab.rpm

The package can be installed on your Kolab Server with

# /kolab/bin/openpkg rpm --rebuild clamav-0.88.5-2.20061018.src.rpm
# /kolab/bin/openpkg rpm -Uvh /kolab/RPM/PKG/clamav-0.88.5-2.20061018.<ARCH>-<OS>-kolab.rpm


Details
~~~~~~~

http://sourceforge.net/project/shownotes.php?release_id=455799
	ClamAV 0.88.5 release notes

http://www.securityfocus.com/bid/20535
	Clam Anti-Virus PE Rebuilding Heap Buffer Overflow Vulnerability
	(CVE-2006-4182)

http://www.securityfocus.com/bid/20537
	Clam Anti-Virus CHM Unpacker Denial Of Service Vulnerability
	(CVE-2006-5295)


Timeline
~~~~~~~~
    20061015 ClamAV release 0.88.5.
    20061018 OpenPKG 0.88.5 package release.
    20061019 Kolab Server security advisory published.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFFN5dhW7P1GVgWeRoRAqLQAKChYWtNVbzLGvVy4uuLuJuFQ9OwiACfQKS+
DeF+soaUL4p5iwtTZxagxNg=
=73VV
-----END PGP SIGNATURE-----

-- 
Email: thomas@intevation.de
http://intevation.de/~thomas/

_______________________________________________
Kolab-announce mailing list
Kolab-announce@kolab.org
https://kolab.org/mailman/listinfo/kolab-announce
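The fetch, verify, rebuild and install steps from the advisory's Fix section, combined into one script as an added example; this is not part of the advisory and not Kolab's own tooling. The rsync path, package names, MD5 sums and openpkg commands are copied from the advisory text; everything else is an assumption for illustration: the KOLAB_PREFIX variable (defaulting to the /kolab prefix the advisory uses), the openssl fallback for a host without md5sum, and the glob that locates the rebuilt package under /kolab/RPM/PKG. What the script adds over the advisory's bare commands is that the checksum gates the install: a package whose MD5 differs from the value in the PGP-signed advisory is deleted rather than handed to openpkg. Note that the sums are taken from the signed mail, not from a file on the mirror, since a mirror that can serve a tampered RPM can serve a matching checksum file just as easily.

```shell
#!/bin/sh
# Added example (not from the Kolab advisory): fetch the ClamAV 0.88.5 update,
# verify it against the MD5 sums listed in the signed advisory, and only then
# rebuild and install it with openpkg.
set -u

# Assumption: the Kolab/OpenPKG install prefix; the advisory uses /kolab.
KOLAB_PREFIX="${KOLAB_PREFIX:-/kolab}"

# Mirror path and package names, as given in the advisory.
RSYNC_BASE="rsync://rsync.kolab.org/kolab/server/security-updates/security-updates/20061019"
SRC_RPM="clamav-0.88.5-2.20061018.src.rpm"
BIN_RPM="clamav-0.88.5-2.20061018.ix86-debian3.1-kolab.rpm"

# Expected sums, copied from the advisory's "MD5 sums" block.
SRC_MD5="d449d8970698e3bd3dd30eac7a1e4579"
BIN_MD5="4c819dcaffe3602a927965115ff328d5"

# md5_of FILE: print the lowercase hex MD5 of FILE. Uses md5sum when present,
# otherwise falls back to openssl (assumption: one of the two is installed).
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    else
        openssl dgst -md5 "$1" | sed 's/^.*= //'
    fi
}

# check_md5 FILE EXPECTED: exit 0 if FILE hashes to EXPECTED, else 1.
check_md5() {
    actual=$(md5_of "$1") || return 1
    [ "$actual" = "$2" ]
}

# fetch_and_verify NAME EXPECTED: rsync NAME from the mirror into the current
# directory and verify it; a mismatching file is removed so it cannot be
# installed by accident later.
fetch_and_verify() {
    rsync -tvP "$RSYNC_BASE/$1" . || return 1
    if check_md5 "$1" "$2"; then
        echo "ok: $1"
    else
        echo "MD5 MISMATCH: $1 (got $(md5_of "$1"), expected $2)" >&2
        rm -f "$1"
        return 1
    fi
}

# install_from_src: the advisory's two openpkg commands. The rebuilt package
# name contains <ARCH>-<OS>, so it is located with a glob (assumption).
install_from_src() {
    "$KOLAB_PREFIX/bin/openpkg" rpm --rebuild "$SRC_RPM" || return 1
    built=""
    for f in "$KOLAB_PREFIX"/RPM/PKG/clamav-0.88.5-2.20061018.*-kolab.rpm; do
        [ -f "$f" ] && built="$f" && break
    done
    [ -n "$built" ] || { echo "no rebuilt clamav package found" >&2; return 1; }
    "$KOLAB_PREFIX/bin/openpkg" rpm -Uvh "$built"
}

# install_binary: for Kolab Server 2.0.4 on ix86 Debian Sarge, the prebuilt
# package can be installed directly after verification.
install_binary() {
    "$KOLAB_PREFIX/bin/openpkg" rpm -Uvh "$BIN_RPM"
}

main() {
    case "${1:-src}" in
        src) fetch_and_verify "$SRC_RPM" "$SRC_MD5" && install_from_src ;;
        bin) fetch_and_verify "$BIN_RPM" "$BIN_MD5" && install_binary ;;
        *)   echo "usage: $0 run [src|bin]" >&2; return 2 ;;
    esac
}

# Only perform the network fetch and install when invoked as "run".
if [ "${1:-}" = "run" ]; then
    main "${2:-src}"
fi
```

Run as `sh update-clamav.sh run src` on any Kolab Server to rebuild from the source RPM, or `sh update-clamav.sh run bin` on Kolab Server 2.0.4 (ix86 Debian Sarge) to install the prebuilt package; without `run` the script only defines its functions.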
