• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

ClamAV ARJ File Denial Of Service Vulnerability

Bugtraq ID:	28782
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2008-1387
Remote:	Yes
Local:	No
Published:	Apr 14 2008 12:00AM
Updated:	Aug 25 2008 02:55PM
Credit:	Oulu University Secure Programming Group (OUSPG), Hanno Boeck
Vulnerable:	S.u.S.E. SUSE Linux Enterprise Server 10 SP1 S.u.S.E. SLE SDK 10.SP1 S.u.S.E. openSUSE 10.3 S.u.S.E. openSUSE 10.2 S.u.S.E. Open-Enterprise-Server 0 S.u.S.E. Novell Linux POS 9 S.u.S.E. Linux Enterprise Server 9 S.u.S.E. Linux Enterprise Server 10.SP1 S.u.S.E. Linux 10.1 x86-64 S.u.S.E. Linux 10.1 x86 S.u.S.E. Linux 10.1 ppc RedHat Fedora 8 0 RedHat Fedora 7 0 MandrakeSoft Linux Mandrake 2008.1 x86_64 MandrakeSoft Linux Mandrake 2008.1 MandrakeSoft Linux Mandrake 2008.0 x86_64 MandrakeSoft Linux Mandrake 2008.0 MandrakeSoft Linux Mandrake 2007.1 x86_64 MandrakeSoft Linux Mandrake 2007.1 MandrakeSoft Corporate Server 4.0 x86_64 MandrakeSoft Corporate Server 3.0 x86_64 MandrakeSoft Corporate Server 3.0 MandrakeSoft Corporate Server 4.0 Kolab Kolab Groupware Server 2.1 Kolab Kolab Groupware Server 2.0.4 Kolab Kolab Groupware Server 2.0.3 Kolab Kolab Groupware Server 2.0.2 Kolab Kolab Groupware Server 2.0.1 Kolab Kolab Groupware Server 2.2beta3 Kolab Kolab Groupware Server 2.2beta1 Kolab Kolab Groupware Server 2.2-rc1 Kolab Kolab Groupware Server 2.2 -rc2 Clam Anti-Virus ClamAV 0.92.1 Clam Anti-Virus ClamAV 0.91.2 Clam Anti-Virus ClamAV 0.91.1 Clam Anti-Virus ClamAV 0.90.3 Clam Anti-Virus ClamAV 0.90.2 Clam Anti-Virus ClamAV 0.90.1 + Debian Linux 4.0 sparc + Debian Linux 4.0 s/390 + Debian Linux 4.0 powerpc + Debian Linux 4.0 mipsel + Debian Linux 4.0 mips + Debian Linux 4.0 m68k + Debian Linux 4.0 ia-64 + Debian Linux 4.0 ia-32 + Debian Linux 4.0 hppa + Debian Linux 4.0 arm + Debian Linux 4.0 amd64 + Debian Linux 4.0 alpha + Debian Linux 4.0 Clam Anti-Virus ClamAV 0.90 - MandrakeSoft Corporate Server 4.0 x86_64 - MandrakeSoft Corporate Server 3.0 x86_64 - MandrakeSoft Corporate Server 3.0 - MandrakeSoft Corporate Server 4.0 - MandrakeSoft Linux Mandrake 2007.1 x86_64 - MandrakeSoft Linux Mandrake 2007.1 - MandrakeSoft Linux Mandrake 2007.0 x86_64 - MandrakeSoft Linux Mandrake 2007.0 Clam Anti-Virus ClamAV 0.92 Clam Anti-Virus ClamAV 0.91 Astaro Security Gateway 7.006 Astaro Security Gateway 7.005 Astaro Security Gateway 7
Not Vulnerable:	Clam Anti-Virus ClamAV 0.93