In association with heise online

16 October 2006, 13:14

Security hole in ClamAV

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The developers of ClamAV, an open source virus scanner, have released a new version 0.88.5 of the software to close unearthed security holes. Attackers could use manipulated CHM help files to crash previous versions of the scanner, thereby executing a denial of service attack on the service. A buffer overflow could occur in the heap through the function for rebuilding of executable PE files after unpacking – whether ill-intentioned individuals could use this to plant arbitrary program code was not revealed in the Changelog.

The current code is available for download at the project's page at Sourceforge. Linux distributors are also likely soon to deliver updated packages of the virus scanner.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit