Re: clamav 0.65 remote DOS exploit

To: Stefan Triller <stefantriller@xxxxxx>
Subject: Re: clamav 0.65 remote DOS exploit
From: Oliver Eikemeier <eikemeier@xxxxxxxxxxxxxxxxx>
Date: Tue, 10 Feb 2004 11:00:59 +0100
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <20040209210407.7efd633b.stefantriller@xxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Organization: Fillmore Labs GmbH - http://www.fillmore-labs.com/
References: <40279811.9050407@xxxxxxxxxxxxxxxxx> <200402091452.32197.njh@xxxxxxxxxxxxxx> <4027A2D9.9010700@xxxxxxxxxxxxxxxxx> <20040209210407.7efd633b.stefantriller@xxxxxx>
User-agent: KMail/1.5.9

Stefan Triller wrote:

Hi,

I tried reproducing the problem with the latest source in CVS, but
had no problems. 0.65 is rather old, please try again with the
latest version.


0.65 ist the latest stable (release) version, so I guess most
production servers would run it, instead of an CVS snapshot.



I have version 0.65-1 for debian from:
deb http://people.debian.org/~aurel32/BACKPORTS stable main

and this ist not affected.


They patched the sources, thankfully.

References:
- clamav 0.65 remote DOS exploit
  - From: Oliver Eikemeier
- Re: clamav 0.65 remote DOS exploit
  - From: Nigel Horne
- Re: clamav 0.65 remote DOS exploit
  - From: Oliver Eikemeier
- Re: clamav 0.65 remote DOS exploit
  - From: Stefan Triller