VULHUB ™

Multiple vendor antivirus software applications have been reported to be prone to a denial of service vulnerability. This issue presents itself when an affected application attempts to decompress an excessively large bzip2 archive. Kaspersky AntiVirus for Linux 5.0.1.0, Trend Micro InterScan VirusWall 3.8 Build 1130, and McAfee Virus Scan for Linux v4.16.0 have been reported to be prone to this issue, however, it is likely that other products are affected as well. It has been reported that some versions of AMaViS including 0.2.x/0.3.x and amavisd prior to amavisd-new-20021116 may be affected by this issue as well. Further information indicates that this issue is not limited to bzip2 and may also affect other compression technologies. The discoverers of this issue have indicated that decompression bombs have been created for bzip2, gzip, zip, mime-embedded bombs, png and gif graphics, and openoffice zip.

Multiple vendor antivirus software applications have been reported to be prone to a denial of service vulnerability. This issue presents itself when an affected application attempts to decompress an excessively large bzip2 archive. Kaspersky AntiVirus for Linux 5.0.1.0, Trend Micro InterScan VirusWall 3.8 Build 1130, and McAfee Virus Scan for Linux v4.16.0 have been reported to be prone to this issue, however, it is likely that other products are affected as well. It has been reported that some versions of AMaViS including 0.2.x/0.3.x and amavisd prior to amavisd-new-20021116 may be affected by this issue as well. Further information indicates that this issue is not limited to bzip2 and may also affect other compression technologies. The discoverers of this issue have indicated that decompression bombs have been created for bzip2, gzip, zip, mime-embedded bombs, png and gif graphics, and openoffice zip.