Note clamav remote denial-of-service.

author: Jacques Vidrine <nectar@FreeBSD.org> 2004-02-12 15:09:26 +0000
committer: Jacques Vidrine <nectar@FreeBSD.org> 2004-02-12 15:09:26 +0000
commit: 404b2ce9082a59b66e1d8c8eff94ece0ec0ad023 (patch)
tree: eb86b3e1a02b9d9a557322beed6eb49c4fd1b695 /security
parent: Note XFree86 server buffer overflows. (diff)
1 files changed, 25 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 4f2ed2a54926..40c5ad0bd42b 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -32,6 +32,31 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
   "http://www.vuxml.org/dtd/vuxml-1/vuxml-10.dtd">
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
 
+  <vuln vid="74a9541d-5d6c-11d8-80e3-0020ed76ef5a">
+    <topic>clamav remote denial-of-service</topic>
+    <affects>
+      <package>
+	<name>clamav</name>
+	<range><lt>0.65_7</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+        <p>clamav will exit when a programming
+	  assertion is not met.  A malformed uuencoded message can
+	  trigger this assertion, allowing an attacker to trivially
+	  crash clamd or other components of clamav.</p>
+      </body>
+    </description>
+    <references>
+      <url>http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/62586</url>
+      <url>http://www.securityfocus.com/archive/1/353186</url>
+    </references>
+    <dates>
+      <discovery>2004/02/09</discovery>
+      <entry>2004/02/12</entry>
+    </dates>
+  </vuln>
 
   <vuln vid="3837f462-5d6b-11d8-80e3-0020ed76ef5a">
     <topic>Buffer overflows in XFree86 servers</topic>
author	Jacques Vidrine <nectar@FreeBSD.org>	2004-02-12 15:09:26 +0000
committer	Jacques Vidrine <nectar@FreeBSD.org>	2004-02-12 15:09:26 +0000
commit	404b2ce9082a59b66e1d8c8eff94ece0ec0ad023 (patch)
tree	eb86b3e1a02b9d9a557322beed6eb49c4fd1b695 /security
parent	Note XFree86 server buffer overflows. (diff)