[Fwd: [gentoo-announce] [ GLSA 200402-07 ] Clamav 0.65 DoS
vulnerability]
Oliver Eikemeier
eikemeier at fillmore-labs.com
Wed Feb 18 17:11:33 PST 2004
Jacques A. Vidrine wrote:
> On Wed, Feb 18, 2004 at 08:26:33AM -0600, Thomas T. Veldhouse wrote:
>
>>Attached is a security alert from Gentoo pertaining to clam antivirus.
>>It seems that as of this morning, FreeBSD's ports still contain the
>>affected version.
>
> Oliver (the discoverer of the vulnerability) is a FreeBSD developer and
> fixed the port some time ago.
>
> See also
> <URL:http://www.vuxml.org/freebsd/74a9541d-5d6c-11d8-80e3-0020ed76ef5a.html>.
Btw, it is almost unbearable smart that they include the sequence that triggers
the bug in their mail, assuring that users that *have* the vulnerable clamd
installed never see the advisory.
It *had* a reason that I prefixed the lines with 'X'. Congratulations.
-Oliver
More information about the freebsd-security
mailing list