ClamAV Heap Overflow and Integer Overflow Vulnerabilities

Published: 2008-02-12
Updated: 2008-02-20

Affected systems:
ClamAV ClamAV < 0.92.1
Unaffected systems:
ClamAV ClamAV 0.92.1
Description:
BUGTRAQ ID: 27751
CVE(CAN) ID: CVE-2008-0318, CVE-2008-0728

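Clam AntiVirus is a GPL anti-virus toolkit for Unix, used by many mail gateway products.

The cli_scanpe() function in ClamAV's libclamav/pe.c has an integer overflow when processing a specially crafted PE file, which can ultimately lead to a heap overflow; the unmew11() function in libclamav/mew.c also contains a heap overflow.

If a user is tricked into opening a malicious file, these overflows can be triggered, leading to arbitrary code execution with the privileges of the process.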

<*Source: Silvio Cesare (silvio@qualys.com)
          Elliot (wccoder@gmail.com)
  
  Links: http://secunia.com/advisories/19534/print/
         http://sourceforge.net/project/shownotes.php?release_id=575703
         http://www.debian.org/security/2008/dsa-1497
         http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=658
         http://security.gentoo.org/glsa/glsa-200802-09.xml
*>

Recommendations:
Temporary workaround:

* Disable scanning of PE files. If you use clamscan, run it with the --no-pe option; if you use clamdscan, set the ScanPE option in clamd.conf to no.
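
A host triage check for the workaround above and the fixed release 0.92.1 (added example, not part of the original advisory or of ClamAV): it compares an upstream version string, for example as reported by `clamscan --version`, against 0.92.1 and checks clamd.conf for the ScanPE workaround. The function names and sample config are constructed for illustration. Distribution backports such as the DSA-1497-1 packages carry the fix under an older upstream number and must be checked by package revision instead.

```shell
#!/bin/sh
# Added example, not part of the advisory: triage a host against it.
FIXED="0.92.1"   # first unaffected upstream release, per the advisory

# ver_lt A B: succeed if dotted version A is older than B.
# Non-numeric suffixes inside a component (e.g. "1dfsg") are ignored.
ver_lt() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        x=${x%%[!0-9]*}; y=${y%%[!0-9]*}
        x=${x:-0}; y=${y:-0}          # missing component counts as 0
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
    done
    return 1                          # equal versions are not "older"
}

# scanpe_disabled FILE: succeed only if FILE has at least one active
# "ScanPE" line and every such line says "no". Assumption: a missing
# directive or unreadable file means PE scanning is still enabled.
scanpe_disabled() {
    awk '$1 == "ScanPE" { n++; if ($2 != "no") bad = 1 }
         END { exit !(n > 0 && !bad) }' "$1" 2>/dev/null
}

# assess VERSION CLAMD_CONF: print patched | workaround | vulnerable.
# Covers clamd only; clamscan's --no-pe is a per-invocation flag and
# cannot be verified from a config file.
assess() {
    if ! ver_lt "$1" "$FIXED"; then echo patched
    elif scanpe_disabled "$2"; then echo workaround
    else echo vulnerable
    fi
}

# Constructed sample config (not taken from a real host).
sample=$(mktemp)
printf '%s\n' '# sample clamd.conf' 'LocalSocket /tmp/clamd.sock' \
    'ScanPE no' > "$sample"
assess 0.92   "$sample"    # workaround
assess 0.92.1 "$sample"    # patched
rm -f "$sample"
```

A "workaround" result means malicious PE files are no longer scanned at all, so it is a stopgap until the upgrade, not an end state.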

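Vendor patches:

Debian
------
Debian has released a security advisory (DSA-1497-1) and corresponding patches for this issue:
DSA-1497-1: New clamav packages fix several vulnerabilities
Link: http://www.debian.org/security/2008/dsa-1497

Patch downloads (source archives and per-architecture packages are listed in the DSA linked above):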

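Patch installation:

1. Installing the patch packages manually:

  First, download the patch package with the following command:
  # wget url  (url is the patch download link)

  Then install the patch with the following command:
  # dpkg -i file.deb (file is the name of the corresponding patch package)

2. Installing the patch packages automatically with apt-get:

   First, update the internal package database with the following command:
   # apt-get update

   Then install the updated packages with the following command:
   # apt-get upgrade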

Gentoo
------
Gentoo has released a security advisory (GLSA-200802-09) and corresponding patches for this issue:
GLSA-200802-09: ClamAV: Multiple vulnerabilities
Link: http://security.gentoo.org/glsa/glsa-200802-09.xml

All ClamAV users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.92.1"

ClamAV
------
The vendor has released an upgrade that fixes this security issue. Download it from the vendor's site:

http://downloads.sourceforge.net/clamav/clamav-0.92.1.tar.gz?modtime=1202767996&big_mirror=0

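This vulnerability advisory was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.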