In association with heise online

18 June 2008, 10:48

DoS vulnerability in ClamAV fixed

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Version 0.93.1 of the free ClamAV virus scanner fixes a problem which occurs when processing compressed files. Executable files compressed with the Petite packer may provoke a memory error and cause the scanner to crash in certain circumstances. Attackers can exploit this flaw to carry out DoS attacks on mail gateways which use ClamAV to scan attachments.

Affected are all versions up to 0.93.1. ClamAV 0.93.1 also offers improved handling of PDF, CAB, RTF, OLE2 and HTML files and fixes several other problems.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit