ClamAV 'mspack.c' Off-By-One Buffer Overflow Vulnerability

Bugtraq ID:	26946
Class:	Boundary Condition Error
CVE:	CVE-2007-6336
Remote:	Yes
Local:	No
Published:	Dec 19 2007 12:00AM
Updated:	Mar 19 2008 01:40AM
Credit:	This issue was disclosed by the vendor.
Vulnerable:	S.u.S.E. UnitedLinux 1.0 S.u.S.E. SuSE Linux Openexchange Server 4.0 S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1 S.u.S.E. SUSE Linux Enterprise Desktop 10 S.u.S.E. openSUSE 10.3 S.u.S.E. openSUSE 10.2 S.u.S.E. Open-Enterprise-Server 0 S.u.S.E. Novell Linux POS 9 S.u.S.E. Novell Linux Desktop 9.0 S.u.S.E. Novell Linux Desktop 9 S.u.S.E. Linux Enterprise Server 8 S.u.S.E. Linux Enterprise Server 10.SP1 S.u.S.E. Linux Desktop 10 S.u.S.E. Linux 10.1 x86-64 S.u.S.E. Linux 10.1 x86 S.u.S.E. Linux 10.1 ppc S.u.S.E. Linux 10.0 x86-64 S.u.S.E. Linux 10.0 x86 S.u.S.E. Linux 10.0 ppc RedHat Fedora 8 0 RedHat Fedora 7 0 MandrakeSoft Linux Mandrake 2008.0 x86_64 MandrakeSoft Linux Mandrake 2008.0 MandrakeSoft Linux Mandrake 2007.1 x86_64 MandrakeSoft Linux Mandrake 2007.1 MandrakeSoft Linux Mandrake 2007.0 x86_64 MandrakeSoft Linux Mandrake 2007.0 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 Kolab Kolab Groupware Server 2.1 Kolab Kolab Groupware Server 2.0.4 Kolab Kolab Groupware Server 2.0.3 Kolab Kolab Groupware Server 2.0.2 Kolab Kolab Groupware Server 2.0.1 Kolab Kolab Groupware Server 2.2beta3 Kolab Kolab Groupware Server 2.2beta1 Kolab Kolab Groupware Server 2.1beta2 Kolab Groupware Server 2.1.beta3 Gentoo Linux Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux 4.0 m68k Debian Linux 4.0 ia-64 Debian Linux 4.0 ia-32 Debian Linux 4.0 hppa Debian Linux 4.0 arm Debian Linux 4.0 amd64 Debian Linux 4.0 alpha Debian Linux 4.0 Clam Anti-Virus ClamAV 0.91.2 Apple Mac OS X Server 10.5.2 Apple Mac OS X Server 10.5.1 Apple Mac OS X Server 10.5

Not Vulnerable:	Clam Anti-Virus ClamAV 0.92