exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2018-0360

Status Candidate

Overview

ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.

Related Files

Gentoo Linux Security Advisory 201904-12
Posted Apr 8, 2019
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201904-12 - Multiple vulnerabilities have been found in ClamAV, the worst of which could result in a Denial of Service condition. Versions less than 0.101.2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2018-0360, CVE-2018-0361, CVE-2018-15378, CVE-2019-1785, CVE-2019-1786, CVE-2019-1787, CVE-2019-1788, CVE-2019-1789, CVE-2019-1798
SHA-256 | d8fb8259f3eb16785380ecf968fcaa3c3a8238f3a7c55f5e7e6fda86ab2b141e
Ubuntu Security Notice USN-3722-6
Posted Sep 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-6 - USN-3722-1 fixed vulnerabilities in ClamAV. The new package introduced an issue which caused dpkg-reconfigure to enter an infinite loop. This update fixes the problem. It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
SHA-256 | 6325395b38e11aef78e86b6e436b664f9907e8d32726fc44f02f3a52a0186d47
Ubuntu Security Notice USN-3722-5
Posted Sep 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-5 - USN-3722-1 fixed vulnerabilities in ClamAV. The new package introduced an issue which caused dpkg-reconfigure to enter an infinite loop. This update fixes the problem. It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing certain PDF files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
SHA-256 | 44d30268bcd997d177a503fcb29ec105ec00fbdf9e6b2da27e00b264026f45cb
Ubuntu Security Notice USN-3722-3
Posted Jul 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-3 - USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version removed some configuration options which caused the daemon to fail to start in environments where the ClamAV configuration file was manually edited. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
SHA-256 | 41052a7d3bb083be920c2df786f863a32cee51a01ca68f639683d2e4d9a7eeec
Ubuntu Security Notice USN-3722-4
Posted Jul 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-4 - USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version removed some configuration options which caused the daemon to fail to start in environments where the ClamAV configuration file was manually edited. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
SHA-256 | 3f0e86e883998fe97abd02ceef3e0439bf2a4b04d4556694b7e29c0f101c686f
Ubuntu Security Notice USN-3722-1
Posted Jul 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-1 - It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. It was discovered that ClamAV incorrectly handled parsing certain PDF files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
SHA-256 | 87bcf5d5b273a823a8b15af73ba76a85add54d3a2085fcca99994a47af5d727e
Ubuntu Security Notice USN-3722-2
Posted Jul 25, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3722-2 - USN-3722-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-0360, CVE-2018-0361
SHA-256 | b0ea137c2da882ba7aa7df4f1494a39fc16ab3f6a19c52351e2de906cc087f0f
Clam AntiVirus parsehwp3_paragraph() Denial Of Service
Posted Jul 13, 2018
Authored by Laurent Delosieres | Site secunia.com

Secunia Research has discovered a vulnerability in Clam AntiVirus, which can be exploited by malicious people to cause a DoS (Denial of Service). An integer overflow error within the "parsehwp3_paragraph()" function (libclamav/hwp.c) can be exploited to trigger an infinite loop via a specially crafted Hangul Word Processor file. The vulnerability is confirmed in version 0.100.0 and reported in versions prior to 0.100.1.

tags | advisory, denial of service, overflow
advisories | CVE-2018-0360
SHA-256 | 35de8f1d0b377601d9193972f01694233332853eeac0bf4ef7798aa8df394deb
Clam AntiVirus Toolkit 0.100.1
Posted Jul 9, 2018
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: ClamAV 0.100.1 is a hotfix release to patch a set of vulnerabilities.
tags | tool, virus
systems | unix
advisories | CVE-2017-16932, CVE-2018-0360, CVE-2018-0361
SHA-256 | 84e026655152247de7237184ee13003701c40be030dd68e0316111049f58a59f
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close