what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2008-229

Mandriva Linux Security Advisory 2008-229
Posted Nov 15, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - An off-by-one error was found in ClamAV versions prior to 0.94.1 that could allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted VBA project file. Other bugs have also been corrected in 0.94.1 which is being provided with this update.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2008-5050
SHA-256 | e1aab69495ae010aa0a9d6938ae571c19e5e88391968e5aa2b5b8c8d698fc850

Mandriva Linux Security Advisory 2008-229

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2008:229
http://www.mandriva.com/security/
_______________________________________________________________________

Package : clamav
Date : November 14, 2008
Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

An off-by-one error was found in ClamAV versions prior to 0.94.1 that
could allow remote attackers to cause a denial of service or possibly
execute arbitrary code via a crafted VBA project file (CVE-2008-5050).

Other bugs have also been corrected in 0.94.1 which is being provided
with this update.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5050
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2008.0:
4a120c7624cd31abdef8406545e30910 2008.0/i586/clamav-0.94.1-2.1mdv2008.0.i586.rpm
4f612c8fc5080e892130cf2aa30e51a2 2008.0/i586/clamav-db-0.94.1-2.1mdv2008.0.i586.rpm
1044a1caf1d247fe25deddb22a603597 2008.0/i586/clamd-0.94.1-2.1mdv2008.0.i586.rpm
bd02ba446db1634c1945c3fd41a3cf89 2008.0/i586/libclamav5-0.94.1-2.1mdv2008.0.i586.rpm
6bbd77167ef0a624a4d275c4ee5aab63 2008.0/i586/libclamav-devel-0.94.1-2.1mdv2008.0.i586.rpm
0dde713543b21f5ca52c4d58383ecaf3 2008.0/SRPMS/clamav-0.94.1-2.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
a2f94de161f6038ac0d003afc4ecb45e 2008.0/x86_64/clamav-0.94.1-2.1mdv2008.0.x86_64.rpm
458891795f311e5fe9a9572acdc4fad5 2008.0/x86_64/clamav-db-0.94.1-2.1mdv2008.0.x86_64.rpm
b98de6d8e521716d5098629c4b4bff95 2008.0/x86_64/clamd-0.94.1-2.1mdv2008.0.x86_64.rpm
886066f300513623cecd727db5da9c33 2008.0/x86_64/lib64clamav5-0.94.1-2.1mdv2008.0.x86_64.rpm
3de51e959737c3a0982bf705af4fbec1 2008.0/x86_64/lib64clamav-devel-0.94.1-2.1mdv2008.0.x86_64.rpm
0dde713543b21f5ca52c4d58383ecaf3 2008.0/SRPMS/clamav-0.94.1-2.1mdv2008.0.src.rpm

Mandriva Linux 2008.1:
3ed90df7ea9d02f7ff232eb7529f8ba6 2008.1/i586/clamav-0.94.1-2mdv2008.1.i586.rpm
bc3234eca85d90fad74aedcf9d08d6f9 2008.1/i586/clamav-db-0.94.1-2mdv2008.1.i586.rpm
b5936ac8b57b0260b57fa3da2b4a813c 2008.1/i586/clamd-0.94.1-2mdv2008.1.i586.rpm
241e648dc995c03cc62a101cf00f2632 2008.1/i586/libclamav5-0.94.1-2mdv2008.1.i586.rpm
3570a761d50b6d6cf034f9c8c5333e33 2008.1/i586/libclamav-devel-0.94.1-2mdv2008.1.i586.rpm
6c34e5fd82d33489eec50c08666a9285 2008.1/SRPMS/clamav-0.94.1-2mdv2008.1.src.rpm

Mandriva Linux 2008.1/X86_64:
bda76080176f91cb58db40227aad8c61 2008.1/x86_64/clamav-0.94.1-2mdv2008.1.x86_64.rpm
dd9050e863bfe2455831180e90fd4928 2008.1/x86_64/clamav-db-0.94.1-2mdv2008.1.x86_64.rpm
dbd0cbdf2bcf8a3a1d8788749a977a62 2008.1/x86_64/clamd-0.94.1-2mdv2008.1.x86_64.rpm
918367efa9d6da46851bdb9a2b50a719 2008.1/x86_64/lib64clamav5-0.94.1-2mdv2008.1.x86_64.rpm
e708a11bf4df78af44022b245ef0a1d0 2008.1/x86_64/lib64clamav-devel-0.94.1-2mdv2008.1.x86_64.rpm
6c34e5fd82d33489eec50c08666a9285 2008.1/SRPMS/clamav-0.94.1-2mdv2008.1.src.rpm

Mandriva Linux 2009.0:
0f778e49185ed0c79196a556ad610fb4 2009.0/i586/clamav-0.94.1-2mdv2009.0.i586.rpm
036d1122a7278cca7e72659fcae305f8 2009.0/i586/clamav-db-0.94.1-2mdv2009.0.i586.rpm
f232743d8963dfc84dfff8941970b147 2009.0/i586/clamd-0.94.1-2mdv2009.0.i586.rpm
f44183b1c32fd70418735a8251498ed8 2009.0/i586/libclamav5-0.94.1-2mdv2009.0.i586.rpm
344b38ebe0c65e6d6abaab3706e7c2d6 2009.0/i586/libclamav-devel-0.94.1-2mdv2009.0.i586.rpm
0558907f32571f4ba2820353c01b95cf 2009.0/SRPMS/clamav-0.94.1-2mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
1e7408051f4aacc418f8f6be9943f4e6 2009.0/x86_64/clamav-0.94.1-2mdv2009.0.x86_64.rpm
07114ef73bda272c2f3ba3694250dcb5 2009.0/x86_64/clamav-db-0.94.1-2mdv2009.0.x86_64.rpm
097d65cfa28451572df549a8f6035d7b 2009.0/x86_64/clamd-0.94.1-2mdv2009.0.x86_64.rpm
a6414357665c15a5ba457745fcc5198d 2009.0/x86_64/lib64clamav5-0.94.1-2mdv2009.0.x86_64.rpm
1f3462333c4382bec424711706943641 2009.0/x86_64/lib64clamav-devel-0.94.1-2mdv2009.0.x86_64.rpm
0558907f32571f4ba2820353c01b95cf 2009.0/SRPMS/clamav-0.94.1-2mdv2009.0.src.rpm

Corporate 3.0:
6a4bc1edc194b63ac516342c9a8fd662 corporate/3.0/i586/clamav-0.94.1-1.1.C30mdk.i586.rpm
73a6316315af4df3bfcd9ab3013e7d38 corporate/3.0/i586/clamav-db-0.94.1-1.1.C30mdk.i586.rpm
dac04c7ef47d707ed6d6f1a93ed771e5 corporate/3.0/i586/clamd-0.94.1-1.1.C30mdk.i586.rpm
f27a634805c01f4b630c6e54de41cea6 corporate/3.0/i586/libclamav5-0.94.1-1.1.C30mdk.i586.rpm
be4c0ab9842a4ca264b19f2cd457c825 corporate/3.0/i586/libclamav-devel-0.94.1-1.1.C30mdk.i586.rpm
adddb2c28c6336400adde155122fdeb5 corporate/3.0/SRPMS/clamav-0.94.1-1.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
553fca8ee2b24b098ffe7a69ebf6f7d1 corporate/3.0/x86_64/clamav-0.94.1-1.1.C30mdk.x86_64.rpm
29d4426e96a6d6b17b2c33761578b86d corporate/3.0/x86_64/clamav-db-0.94.1-1.1.C30mdk.x86_64.rpm
65ec3b8aec99fcd5e38664862d2279ba corporate/3.0/x86_64/clamd-0.94.1-1.1.C30mdk.x86_64.rpm
d8bdcd787cf07bdf0899e9cc178bf012 corporate/3.0/x86_64/lib64clamav5-0.94.1-1.1.C30mdk.x86_64.rpm
2c575bc6d82897ae866e2031c3729d99 corporate/3.0/x86_64/lib64clamav-devel-0.94.1-1.1.C30mdk.x86_64.rpm
adddb2c28c6336400adde155122fdeb5 corporate/3.0/SRPMS/clamav-0.94.1-1.1.C30mdk.src.rpm

Corporate 4.0:
7462d619f941c799bc58448b13122271 corporate/4.0/i586/clamav-0.94.1-1.1.20060mlcs4.i586.rpm
7c69f00769c6f285e42a9bae29745758 corporate/4.0/i586/clamav-db-0.94.1-1.1.20060mlcs4.i586.rpm
27991558a673913188cf8d968d1b594b corporate/4.0/i586/clamd-0.94.1-1.1.20060mlcs4.i586.rpm
e32cc6209d42050be9b87eb9e7b50cc6 corporate/4.0/i586/libclamav5-0.94.1-1.1.20060mlcs4.i586.rpm
43a820ed215d1bc3f55c91c9a35668ac corporate/4.0/i586/libclamav-devel-0.94.1-1.1.20060mlcs4.i586.rpm
c8c748cb4ff626c87ec4ec620873516b corporate/4.0/SRPMS/clamav-0.94.1-1.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
acfcee4b7b662b20cbb7339c6874ff4a corporate/4.0/x86_64/clamav-0.94.1-1.1.20060mlcs4.x86_64.rpm
e92cb46b6d371f73eff43b476dcd54f4 corporate/4.0/x86_64/clamav-db-0.94.1-1.1.20060mlcs4.x86_64.rpm
ec10430998e66eb4480b57d2fb6498cb corporate/4.0/x86_64/clamd-0.94.1-1.1.20060mlcs4.x86_64.rpm
fdf5c8befc3d9d1998374f50cb5422e2 corporate/4.0/x86_64/lib64clamav5-0.94.1-1.1.20060mlcs4.x86_64.rpm
e8c7a76407422da2d981c78ceb08d025 corporate/4.0/x86_64/lib64clamav-devel-0.94.1-1.1.20060mlcs4.x86_64.rpm
c8c748cb4ff626c87ec4ec620873516b corporate/4.0/SRPMS/clamav-0.94.1-1.1.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJHcTemqjQ0CJFipgRAlpVAJ0b6pm8UdqWIdKxPfFjTf5TWFsW1wCfdjSr
OpG3ud3BqpP/lBGsycPNuWY=
=AY8S
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close