Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2721

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2011-2721
Last Modified 21 Nov 2011 10:57:44
Published 05 Aug 2011 05:55:08
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-2721

Summary

Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations.

Vulnerable Systems

Application

  • Clamav 0.01

  • Clamav 0.02

  • Clamav 0.03

  • Clamav 0.05

  • Clamav 0.10

  • Clamav 0.12

  • Clamav 0.13

  • Clamav 0.14

  • Clamav 0.15

  • Clamav 0.20

  • Clamav 0.21

  • Clamav 0.22

  • Clamav 0.23

  • Clamav 0.24

  • Clamav 0.3

  • Clamav 0.51

  • Clamav 0.52

  • Clamav 0.53

  • Clamav 0.54

  • Clamav 0.60

  • Clamav 0.60p

  • Clamav 0.65

  • Clamav 0.66

  • Clamav 0.67

  • Clamav 0.67-1

  • Clamav 0.68

  • Clamav 0.68.1

  • Clamav 0.70

  • Clamav 0.71

  • Clamav 0.72

  • Clamav 0.73

  • Clamav 0.74

  • Clamav 0.75

  • Clamav 0.75.1

  • Clamav 0.8

  • Clamav 0.80

  • Clamav 0.80 Rc

  • Clamav 0.81

  • Clamav 0.82

  • Clamav 0.83

  • Clamav 0.84

  • Clamav 0.85

  • Clamav 0.85.1

  • Clamav 0.86

  • Clamav 0.86.1

  • Clamav 0.86.2

  • Clamav 0.87

  • Clamav 0.87.1

  • Clamav 0.88

  • Clamav 0.88.1

  • Clamav 0.88.2

  • Clamav 0.88.3

  • Clamav 0.88.4

  • Clamav 0.88.5

  • Clamav 0.88.6

  • Clamav 0.88.7

  • Clamav 0.88.7 P0

  • Clamav 0.88.7 P1

  • Clamav 0.9

  • Clamav 0.90

  • Clamav 0.90.1

  • Clamav 0.90.1 P0

  • Clamav 0.90.2

  • Clamav 0.90.2 P0

  • Clamav 0.90.3

  • Clamav 0.90.3 P0

  • Clamav 0.90.3 P1

  • Clamav 0.91

  • Clamav 0.91.1

  • Clamav 0.91.2

  • Clamav 0.91.2 P0

  • Clamav 0.92

  • Clamav 0.92 P0

  • Clamav 0.92.1

  • Clamav 0.93

  • Clamav 0.93.1

  • Clamav 0.93.2

  • Clamav 0.93.3

  • Clamav 0.94

  • Clamav 0.94.1

  • Clamav 0.94.2

  • Clamav 0.95

  • Clamav 0.95.1

  • Clamav 0.95.2

  • Clamav 0.95.3

  • Clamav 0.96

  • Clamav 0.96.1

  • Clamav 0.96.2

  • Clamav 0.96.3

  • Clamav 0.96.4

  • Clamav 0.96.5

  • Clamav 0.97

  • Clamav 0.97.1


References

CONFIRM - https://wwws.clamav.net/bugzilla/show_bug.cgi?id=2818

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=725694

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=708263

MLIST - [oss-security] 20110726 CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes

MLIST - [oss-security] 20110726 Re: CVE Request -- Clam AntiVirus -- v0.97.2 -- Off-by-one error by scanning message hashes

CONFIRM - http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=4842733eb3f09be61caeed83778bb6679141dbc5

XF - clamav-scan-dos(68785)

UBUNTU - USN-1179-1

BID - 48891

OSVDB - 74181

MANDRIVA - MDVSA-2011:122

SECTRACK - 1025858

SECUNIA - 46717

SECUNIA - 45382

FEDORA - FEDORA-2011-15033

FEDORA - FEDORA-2011-15119

FEDORA - FEDORA-2011-15076

CONFIRM - http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.2

Related Patches

Novell SUSE 2011:4942 clamav security update for SLE 11 SP1 i586


Last Updated: 27 May 2016 10:57:05