Lucene search
This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.DEBIAN_DSA-1680.NASLHistoryDec 04, 2008 - 12:00 a.m.
Debian DSA-1680-1 : clamav - buffer overflow, stack consumption
2008-12-0400:00:00
This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
14
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.145
Percentile
95.8%
Moritz Jodeit discovered that ClamAV, an anti-virus solution, suffers from an off-by-one-error in its VBA project file processing, leading to a heap-based buffer overflow and potentially arbitrary code execution (CVE-2008-5050 ).
Ilja van Sprundel discovered that ClamAV contains a denial of service condition in its JPEG file processing because it does not limit the recursion depth when processing JPEG thumbnails (CVE-2008-5314 ).
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-1680. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(35033);
script_version("1.14");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2008-5050", "CVE-2008-5314");
script_bugtraq_id(32207);
script_xref(name:"DSA", value:"1680");
script_name(english:"Debian DSA-1680-1 : clamav - buffer overflow, stack consumption");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Moritz Jodeit discovered that ClamAV, an anti-virus solution, suffers
from an off-by-one-error in its VBA project file processing, leading
to a heap-based buffer overflow and potentially arbitrary code
execution (CVE-2008-5050 ).
Ilja van Sprundel discovered that ClamAV contains a denial of service
condition in its JPEG file processing because it does not limit the
recursion depth when processing JPEG thumbnails (CVE-2008-5314 )."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505134"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507624"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2008-5050"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2008-5314"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2008/dsa-1680"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the clamav packages.
For the stable distribution (etch), these problems have been fixed in
version 0.90.1dfsg-4etch16."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(119, 399);
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:clamav");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:4.0");
script_set_attribute(attribute:"patch_publication_date", value:"2008/12/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2008/12/04");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"4.0", prefix:"clamav", reference:"0.90.1dfsg-4etch16")) flag++;
if (deb_check(release:"4.0", prefix:"clamav-base", reference:"0.90.1dfsg-4etch16")) flag++;
if (deb_check(release:"4.0", prefix:"clamav-daemon", reference:"0.90.1dfsg-4etch16")) flag++;
if (deb_check(release:"4.0", prefix:"clamav-dbg", reference:"0.90.1dfsg-4etch16")) flag++;
if (deb_check(release:"4.0", prefix:"clamav-docs", reference:"0.90.1dfsg-4etch16")) flag++;
if (deb_check(release:"4.0", prefix:"clamav-freshclam", reference:"0.90.1dfsg-4etch16")) flag++;
if (deb_check(release:"4.0", prefix:"clamav-milter", reference:"0.90.1dfsg-4etch16")) flag++;
if (deb_check(release:"4.0", prefix:"clamav-testfiles", reference:"0.90.1dfsg-4etch16")) flag++;
if (deb_check(release:"4.0", prefix:"libclamav-dev", reference:"0.90.1dfsg-4etch16")) flag++;
if (deb_check(release:"4.0", prefix:"libclamav2", reference:"0.90.1dfsg-4etch16")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
else security_hole(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
| Vendor | Product | Version | CPE |
|---|---|---|---|
| debian | debian_linux | clamav | p-cpe:/a:debian:debian_linux:clamav |
| debian | debian_linux | 4.0 | cpe:/o:debian:debian_linux:4.0 |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5050
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5314
bugs.debian.org/cgi-bin/bugreport.cgi?bug=505134
bugs.debian.org/cgi-bin/bugreport.cgi?bug=507624
security-tracker.debian.org/tracker/CVE-2008-5050
security-tracker.debian.org/tracker/CVE-2008-5314
www.debian.org/security/2008/dsa-1680
Related
debian
debian
[Backports-security-announce] Security Update for clamav
2008-12-15 13:31:51
[SECURITY] [DSA 1680-1] New clamav packages fix potential code execution
2008-12-04 08:26:17
[Backports-security-announce] Security Update for clamav
2008-12-15 12:36:28
openvas
openvas
Gentoo Security Advisory GLSA 200812-21 (clamav)
2008-12-29 00:00:00
Debian Security Advisory DSA 1680-1 (clamav)
2008-12-10 00:00:00
Debian: Security Advisory (DSA-1680-1)
2008-12-10 00:00:00
nessus
nessus
GLSA-200812-21 : ClamAV: Multiple vulnerabilities
2008-12-26 00:00:00
SuSE9 Security Update : clamav (YOU Patch Number 12293)
2012-04-23 00:00:00
openSUSE Security Update : clamav (clamav-357)
2009-07-21 00:00:00
gentoo
gentoo
ClamAV: Multiple vulnerabilities
2008-12-23 00:00:00
osv
osv
clamav - potential code execution
2008-12-04 00:00:00
cve
cve
CVE-2008-5050
2008-11-13 02:30:01
CVE-2008-5314
2008-12-03 17:30:00
prion
prion
Heap overflow
2008-11-13 02:30:00
Design/Logic Flaw
2008-12-03 17:30:00
nvd
nvd
CVE-2008-5050
2008-11-13 02:30:01
CVE-2008-5314
2008-12-03 17:30:00
debiancve
debiancve
CVE-2008-5050
2008-11-13 02:30:01
CVE-2008-5314
2008-12-03 17:30:00
redhatcve
redhatcve
CVE-2008-5050
2019-10-04 20:42:46
cvelist
cvelist
CVE-2008-5050
2008-11-13 01:00:00
CVE-2008-5314
2008-12-03 17:00:00
ubuntu
ubuntu
ClamAV vulnerability
2008-11-17 00:00:00
ClamAV vulnerability
2008-12-02 00:00:00
ubuntucve
ubuntucve
CVE-2008-5314
2008-12-03 00:00:00
CVE-2008-5050
2008-11-13 00:00:00
freebsd
freebsd
clamav -- off-by-one heap overflow in VBA project parser
2008-11-08 00:00:00
checkpoint_advisories
checkpoint_advisories
fedora
fedora
[SECURITY] Fedora 9 Update: clamav-0.93.3-2.fc9
2008-11-14 12:44:50
[SECURITY] Fedora 8 Update: clamav-0.92.1-4.fc8
2008-11-14 12:46:28
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
0.145
Percentile
95.8%
Related for DEBIAN_DSA-1680.NASL