diff options
author | Marcus Alves Grando <mnag@FreeBSD.org> | 2006-12-12 20:51:24 +0000 |
---|---|---|
committer | Marcus Alves Grando <mnag@FreeBSD.org> | 2006-12-12 20:51:24 +0000 |
commit | d4ace0bd8c5373395617d5c39499845b753bd94e (patch) | |
tree | 6e35ac4a4ba65069081356c80082c1035a82afa8 /security | |
parent | 1e3ab0b7c37da96d5e0890afb873ed73a10b8e4e (diff) | |
download | ports-d4ace0bd8c5373395617d5c39499845b753bd94e.tar.gz ports-d4ace0bd8c5373395617d5c39499845b753bd94e.zip |
Notes
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index c9ed44c3c44f..fa86e3ad3821 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,41 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="eb5124a4-8a20-11db-b033-00123ffe8333"> + <topic>clamav -- Multipart Nestings Denial of Service</topic> + <affects> + <package> + <name>clamav</name> + <range><lt>0.88.7</lt></range> + </package> + <package> + <name>clamav-devel</name> + <range><le>20061029</le></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Secunia reports:</p> + <blockquote cite="http://secunia.com/advisories/23347/"> + <p>Clam AntiVirus have a vulnerability, which can be exploited by + malicious people to cause a DoS (Denial of Service).</p> + <p>The vulnerability is caused due to a stack overflow when scanning + messages with deeply nested multipart content. This can be + exploited to crash the service by sending specially crafted emails + to a vulnerable system.</p> + </blockquote> + </body> + </description> + <references> + <url>http://secunia.com/advisories/23347/</url> + <url>http://www.quantenblog.net/security/virus-scanner-bypass</url> + </references> + <dates> + <discovery>2006-12-06</discovery> + <entry>2006-10-12</entry> + </dates> + </vuln> + <vuln vid="1b043693-8617-11db-93b2-000e35248ad7"> <topic>libxine -- multiple buffer overflow vulnerabilities</topic> <affects> |