FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

clamav -- MS-Expand file handling DoS vulnerability

Affected packages
clamav < 0.86
clamav-devel < 20050620

Details

VuXML ID 6d18fe19-ee67-11d9-8310-0001020eed82
Discovery 2005-06-29
Entry 2005-07-06

An iDEFENSE Security Advisory reports:

Remote exploitation of an input validation error in Clam AntiVirus ClamAV allows attackers to cause a denial of service condition.

The vulnerability specifically exists due to improper behavior during exceptional conditions.

Successful exploitation allows attackers to exhaust file descriptors pool and memory. Anti-virus detection functionality will fail if there is no file descriptors available with which to open files. Remote exploitation can be achieved by sending a malicious file in an e-mail message or during an HTTP session.

References

CVE Name CVE-2005-1922
Message FB24803D1DF2A34FA59FC157B77C97050462A3AC@IDSERV04.idef.com