In association with heise online

15 April 2008, 12:13

ClamAV 0.93 patches security holes

The developers of the ClamAV open source virus scanner have published version 0.93, which patches several holes in addition to fixing the security vulnerability made public yesterday in the handling of crafted Windows EXE files compressed with Upack. In addition, the developers have improved a number of components that handle various file formats and added support for new file types.

The change log for ClamAV's version management system states that crafted Windows files compressed with Upack and executable files encrypted and compressed with PESpin can cause an exploitable heap-based buffer overflow.

In the new version, the routines that unpack RAR archives no longer crash when they inspect crafted archives from the fuzzing test developed by the University of Oulu and CERT-FI. ClamAV also now handles manipulated ARJ archives properly. Though no details have been published, additional modifications have also been made to the unzip, SIS, cabinet, CHM and SZDD modules. Finally, the developers say that the pattern-searching files have been made more efficient, as has the signature format.

Administrators are advised to install the latest version of ClamAV as soon as possible. Linux distributors will soon be releasing updated packages, which users should likewise install as soon as possible.
