 |
Clam Anti-Virus MIME附件拒绝服务漏洞 |
|
|
| Clam Anti-Virus MIME附件拒绝服务漏洞 |
|
| 作者:佚名 文章来源:不详 点击数: 更新时间:2007-1-26 15:17:34 |
|
2006-12-12 12:38:14
发布日期:2006-12-09
更新日期:2006-12-11
受影响系统:Debian Linux 3.1
ClamAV ClamAV < 0.88.4-2 描述:
BUGTRAQ ID: 21510
CVE(CAN) ID: CVE-2006-5874
Clam AntiVirus是Unix的GPL杀毒工具包,很多邮件网关产品都在使用。
ClamAV在处理畸形编码的MIME附件时存在漏洞,远程攻击者可能利用此漏洞导致程序崩溃。
如果Clam AntiVirus扫描了包含有畸形的base64编码的MIME附件的话,就会触发空指针引用,导致拒绝服务。
<*来源:Stephen Gran
链接:http://www.debian.org/security/2005/dsa-1232
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1232-1)以及相应补丁:
DSA-1232-1:New clamav packages fix denial of service
链接:http://www.debian.org/security/2005/dsa-1232
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12.dsc
Size/MD5 checksum: 874 5b916037233c2d9d181ea83f1d42d712
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12.diff.gz
Size/MD5 checksum: 177238 a782b435ee944e318fc88c4a0cdb67b2
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84.orig.tar.gz
Size/MD5 checksum: 4006624 c43213da01d510faf117daa9a4d5326c
Architecture independent components:
http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.84-2.sarge.12_all.deb
Size/MD5 checksum: 154928 b32d2d2ece27947abc7b7c6330abf2b1
http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.84-2.sarge.12_all.deb
Size/MD5 checksum: 694464 eb184049df134a9006667e6785c24c25
http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.84-2.sarge.12_all.deb
Size/MD5 checksum: 123944 62365dceb1d3080f1164ce0a972fdf25
Alpha architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_alpha.deb
Size/MD5 checksum: 74764 be1106a34f9f141c035e5944b515d698
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_alpha.deb
Size/MD5 checksum: 48832 16c19937df6b1e662518667bf0d0ee6f
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_alpha.deb
Size/MD5 checksum: 2176478 42c9a257d406924bd2fcac05be372969
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_alpha.deb
Size/MD5 checksum: 42112 19cf2cd6d553eba10a02ff592c12c94a
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_alpha.deb
Size/MD5 checksum: 255854 038f4ce242d6db3705a8baf832e0e12f
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_alpha.deb
Size/MD5 checksum: 285746 c0d001b91c29d95bd53737b2d7b5c547
AMD64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_amd64.deb
Size/MD5 checksum: 68848 c0e28ed5358d1f5ebff13d61d6eb1eb4
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_amd64.deb
Size/MD5 checksum: 44184 c88134266b22681595f3c7ed12334a4f
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_amd64.deb
Size/MD5 checksum: 2173274 64577d98f3d80cfc1e6e74ff4d81fcd5
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_amd64.deb
Size/MD5 checksum: 39996 b463aded3ec3448e8a577674cc257c31
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_amd64.deb
Size/MD5 checksum: 176586 eeb2004aab6cc21d10384e5ca036a87c
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_amd64.deb
Size/MD5 checksum: 259932 870f959c30fe9e7bcf48deac7fd6759b
ARM architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_arm.deb
Size/MD5 checksum: 63922 29edcdab52e56c2b72af6af97ca0c768
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_arm.deb
Size/MD5 checksum: 39584 a8afdb2046b166a1b1f5b8a3e9b82e5e
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_arm.deb
Size/MD5 checksum: 2171286 d8537b008fbb7bf022af9c388fd3e4ac
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_arm.deb
Size/MD5 checksum: 37322 fd8f26bcf782fefba3c5a0530dcf2ec2
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_arm.deb
Size/MD5 checksum: 174942 4e3f425067940ad951c5db80bedb1bde
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_arm.deb
Size/MD5 checksum: 249834 941fa21a688be04473a079fca7e8a3b4
HP Precision architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_hppa.deb
Size/MD5 checksum: 68282 2fb841851035efd52fefa7e724d590be
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_hppa.deb
Size/MD5 checksum: 43280 d3c20fdeb6f4aebaa0dbe8ae90a5d184
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_hppa.deb
Size/MD5 checksum: 2173744 4d0ea408992b3b0f96e7d17ff167a729
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_hppa.deb
Size/MD5 checksum: 39452 c9c873ee637518fa15725c8490bf09bc
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_hppa.deb
Size/MD5 checksum: 202738 457a65fb73cd55814e01dc86fe4e09d8
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_hppa.deb
Size/MD5 checksum: 283560 80e6985db13798376fa0bd037180347b
Intel IA-32 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_i386.deb
Size/MD5 checksum: 65210 e77f2ea59853a44c9de70078084818f7
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_i386.deb
Size/MD5 checksum: 40316 a6277fe555ed016b66e31a8f12ae5900
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_i386.deb
Size/MD5 checksum: 2171600 04bed8cc7a6fce37fadb00e7c3de0158
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_i386.deb
Size/MD5 checksum: 38040 8f2f1d793f711032130b79374a3fe92d
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_i386.deb
Size/MD5 checksum: 159766 ed10728241f21d9ca16958b69ef2835e
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_i386.deb
Size/MD5 checksum: 254628 7a3362570c412ce45fef6af9836dc5a9
Intel IA-64 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_ia64.deb
Size/MD5 checksum: 81826 d6ce185e7548aca1a6d9d5076dd02c62
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_ia64.deb
Size/MD5 checksum: 55238 2048e4d1efbd87de9ab0bb0af1aad258
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_ia64.deb
Size/MD5 checksum: 2180260 a2609594a563da9abfa754d24417a9c2
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_ia64.deb
Size/MD5 checksum: 49194 017e5a956c866dfbf3fb25ac9ae9af92
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_ia64.deb
Size/MD5 checksum: 252232 beb80dffdfc1bc355437f40b4694d783
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_ia64.deb
Size/MD5 checksum: 317956 006317c527eac48b0328d53dab68863f
Motorola 680x0 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_m68k.deb
Size/MD5 checksum: 62522 7cbb98367bf49fcaaa4e17d740353fa1
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_m68k.deb
Size/MD5 checksum: 38214 23b7e1072c74ead32b3c4de2732d90a6
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_m68k.deb
Size/MD5 checksum: 2170512 24a34375e8aa0391b57695751778563c
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_m68k.deb
Size/MD5 checksum: 35076 0a65ea328e6f2a9b6682dd5124dea45d
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_m68k.deb
Size/MD5 checksum: 146374 257c0624826096b041dadfc21a722244
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_m68k.deb
Size/MD5 checksum: 250616 6e80c1cf4c8bb7289e277c74d415e187
Big endian MIPS architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_mips.deb
Size/MD5 checksum: 67954 d241687159539050660a0b26e65ce420
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_mips.deb
Size/MD5 checksum: 43788 464b8562f10bcb127cebd37192daaac9
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_mips.deb
Size/MD5 checksum: 2173044 97ebd82f119d09500a4ff5ccd8c21cef
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_mips.deb
Size/MD5 checksum: 37672 f39f4ff08d44f7e7994faf23b439af96
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_mips.deb
Size/MD5 checksum: 195606 a206da343265cb7e8c780544036bd491
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_mips.deb
Size/MD5 checksum: 257714 3d81be01bbdb7c0d48b4c97c8657c112
Little endian MIPS architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_mipsel.deb
Size/MD5 checksum: 67560 589421e196e11eb3536a2a8874af7d71
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_mipsel.deb
Size/MD5 checksum: 43588 4822a893c5c7f476b9991ed8ff9930e1
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_mipsel.deb
Size/MD5 checksum: 2173000 05c596728ad5d423d841522e5957e6e8
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_mipsel.deb
Size/MD5 checksum: 37962 432ecd8c78aaa8ce80cd385ad5a4f0d8
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_mipsel.deb
Size/MD5 checksum: 192076 77ab2250c971bb5f2a787cf904dc1176
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_mipsel.deb
Size/MD5 checksum: 255302 b2806442ee7af4103edec95f86ed4bec
PowerPC architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_powerpc.deb
Size/MD5 checksum: 69294 f737048437ce5bfc2843d757005bf902
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_powerpc.deb
Size/MD5 checksum: 44670 fc9c04bd42f2b377c85e1ca40c2889ba
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_powerpc.deb
Size/MD5 checksum: 2173674 a4b694e07e459765d2ba80471b83ef28
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_powerpc.deb
Size/MD5 checksum: 38876 0af124304eac3624be255d4e92dbc32b
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_powerpc.deb
Size/MD5 checksum: 187746 7b632f5ce2a16725010d83847031c992
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_powerpc.deb
Size/MD5 checksum: 265086 a81c89ca24d3fba3204278ec33ee3f2e
IBM S/390 architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_s390.deb
Size/MD5 checksum: 67892 9c6d6f8d31cfe729b0f14dc91f0111ed
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_s390.deb
Size/MD5 checksum: 43564 8f0b63348907e2a45b905c6c631a53a4
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_s390.deb
Size/MD5 checksum: 2172966 ac148963f872e961a99bda672d38bde4
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_s390.deb
Size/MD5 checksum: 38910 f9bc46b646faacf26f825aac7afd35f5
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_s390.deb
Size/MD5 checksum: 182718 cdce561be2f6cb23b1b29d834b2abac7
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_s390.deb
Size/MD5 checksum: 269694 168fdcd3e7231fac67facaffdbd30744
Sun Sparc architecture:
http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.12_sparc.deb
Size/MD5 checksum: 64428 fc678da4d6ff9a60f1d0118857025c34
http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.12_sparc.deb
Size/MD5 checksum: 39472 59309047f49d149d61dcaa64a7c1d261
http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.12_sparc.deb
Size/MD5 checksum: 2171188 793f229374c70ed9f945effccaf4e18e
http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.12_sparc.deb
Size/MD5 checksum: 36854 24fa5876984aa5e633781edf408dcda1
http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.12_sparc.deb
Size/MD5 checksum: 175978 2fb86e8253a0f9a3da3bf1101f70168e
http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.12_sparc.deb
Size/MD5 checksum: 265034 2a31297ba3c110c4398c1dd09377e24e
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
|
|
| 文章录入:admin 责任编辑:admin |
|
|
上一篇文章: Sophos Anti-Virus SIT文档解析栈溢出漏洞
下一篇文章: AOL CDDBControl ActiveX控件缓冲区溢出漏洞 |
|
|
| 【字体:小 大】【发表评论】【加入收藏】【告诉好友】【打印此文】【关闭窗口】 |
|
|
 网友评论:(只显示最新10条。评论内容只代表网友观点,与本站立场无关!) |
|
|
|
|
|
