A Secunia bulletin earlier today alerted us to a potential denial of service in the popular open-source anti-virus package ClamAV. The vulnerability is in the pefromupx() routine for unpacking a UPX packed PE executable. The advisory states that all versions up to, and including, 0.88.4 are vulnerable. The front page of http://www.clamav.net states that the latest stable version is 0.88.4, but the "stable" page only mentions 0.88.3 released last month. The sourceforge download page lists a clamav-0.88.4.tar.gz (and .sig), but at the time of this writing, actually clicking on the link results in a "file not found" error. So, it looks like they are scrambling to fix this one and the new version should be available shortly.
--------------------------- Jim Clausing, jclausing --at-- isc.sans.org I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS Secure Japan 2021 |
Jim 417 Posts ISC Handler Aug 7th 2006 |
Thread locked Subscribe |
Aug 7th 2006 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!