Re: clamav 0.65 remote DOS exploit

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: clamav 0.65 remote DOS exploit
From: Mark Renouf <mark@xxxxxxxxxx>
Date: Mon, 09 Feb 2004 17:13:44 -0500
In-reply-to: <4027A2D9.9010700@xxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <40279811.9050407@xxxxxxxxxxxxxxxxx> <200402091452.32197.njh@xxxxxxxxxxxxxx> <4027A2D9.9010700@xxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6) Gecko/20040113

Oliver Eikemeier wrote:

0.65 ist the latest stable (release) version, so I guess most productionservers would
run it, instead of an CVS snapshot.


Are earlier versions than 0.65 affected?

Gentoo's portage tree has 0.60 as latest stable, and 0.65 is in testing(~x86.. masked, but available). Nothing in CVS is allowed into portage.

Follow-Ups:
- Re: clamav 0.65 remote DOS exploit
  - From: Dennis Freise

References:
- clamav 0.65 remote DOS exploit
  - From: Oliver Eikemeier
- Re: clamav 0.65 remote DOS exploit
  - From: Nigel Horne
- Re: clamav 0.65 remote DOS exploit
  - From: Oliver Eikemeier