VuXML entry for CVE-2008-0318 (libclamav)
Eygene Ryabinkin
rea-fbsd at codelabs.ru
Wed Feb 13 07:49:20 PST 2008
Good day.
Attached is the draft of the VuXML entry for the new ClamAV
vulnerability.
>From what I had seen and from the comments of the iDefence
and ClamAV changelog, it seems that the vulnerable Petite PE
module is really disabled in daily.cfg. The file has entries
'PE:0xbfff:13:23' and 'PE:0xdeff:24:25', while libclamav/dconf.h
has the following:
-----
#define PE_CONF_PETITE 0x100
-----
So, Petite compressor is disabled for f-levels 24 (0.92_sf)
and 25 (0.92). 23 is 0.92rc2 and Petite is enabled for it and
lower versions down to 13 (0.90). F-versions were extracted from
libclamav/others.c, macro variable CL_FLEVEL.
So I had marked only clamav >= 0.92 and < 0.92.1 as vulnerable.
--
Eygene
More information about the freebsd-security
mailing list