FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-1989

This CVE name corresponds to:

Entered     Topic
2006-05-03  clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type   Candidate
Name   CVE-2006-1989
Phase  Assigned(20060424)

Description

Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers.

References

Source Reference
CONFIRM http://www.clamav.net/security/0.88.2.html
CONFIRM http://kolab.org/security/kolab-vendor-notice-09.txt
APPLE APPLE-SA-2006-06-27
DEBIAN DSA-1050
GENTOO GLSA-200605-03
MANDRIVA MDKSA-2006:080
SUSE SUSE-SR:2006:010
SUSE SUSE-SA:2006:025
TRUSTIX 2006-0024
CERT-VN VU#599220
BID 17754
VUPEN ADV-2006-1586
VUPEN ADV-2006-2566
OSVDB 25120
SECTRACK 1016392
SECUNIA 19880
SECUNIA 19912
SECUNIA 19963
SECUNIA 19874
SECUNIA 19964
SECUNIA 20159
SECUNIA 20117
SECUNIA 20877
XF clamav-freshclam-http-bo(26182)