|Clam Anti-Virus PE文件头处理堆溢出漏洞 - VULHUB开源网络安全威胁库

Clam Anti-Virus PE文件头处理堆溢出漏洞

- AV AC AU C I A

发布： 2025-04-13

修订： 2025-04-13

Clam AntiVirus是Unix的GPL杀毒工具包，很多邮件网关产品都在使用。 Clam AV在处理畸形PE文件时存在堆溢出漏洞，远程攻击者可能利用此漏洞在服务器上执行任意指令。在处理某些PE格式文件时，两个变量可能会被恶意地设置为非常大的值，导致整数溢出。这可能导致分配比预期少的内存，之后的代码可能会覆盖堆缓冲区。 ClamAV ClamAV 0.88.4 厂商补丁： Debian ------ Debian已经为此发布了一个安全公告（DSA-1196-1）以及相应补丁: DSA-1196-1：New clamav packages fix arbitrary code execution 链接：http://www.debian.org/security/2005/dsa-1196 补丁下载： Source archives: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11.dsc Size/MD5 checksum: 874 28ac6ad45d008a1a40f1043ce208f7e9 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11.diff.gz Size/MD5 checksum: 176562 4b0c191cf10e3184baee4004c7992b09 http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84.orig.tar.gz Size/MD5 checksum: 4006624 c43213da01d510faf117daa9a4d5326c Architecture independent components: http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.84-2.sarge.11_all.deb Size/MD5 checksum: 154890 32b1629d649ed6168dd411e0458cca08 http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.84-2.sarge.11_all.deb Size/MD5 checksum: 694414 e8160f6502023138511d613240ff8a7a http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.84-2.sarge.11_all.deb Size/MD5 checksum: 123884 82b26302a2c4697b7d58825dd64149c3 Alpha architecture: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_alpha.deb Size/MD5 checksum: 74768 39a1eb656cb857019708e6a9f13e6670 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_alpha.deb Size/MD5 checksum: 48830 de988902ce6b7a56b0f72daa6e113614 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_alpha.deb Size/MD5 checksum: 2176452 e16e6c071d0233820855fb4777b90a7d http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_alpha.deb Size/MD5 checksum: 42120 fa4bd16b77814caf48f9c32e5ebf10f4 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_alpha.deb Size/MD5 checksum: 255774 19ff1809f543ca8aadb819be4b879f44 http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_alpha.deb Size/MD5 checksum: 285586 e33630652b74d4a2ddb1c936daf4a7ec AMD64 architecture: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_amd64.deb Size/MD5 checksum: 68850 03fd7d2e437ef1d337236884289f9cfd http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_amd64.deb Size/MD5 checksum: 44186 3b44c71024838a3d9e367807fe8664dd http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_amd64.deb Size/MD5 checksum: 2173268 f41d15ff5a51f3aa601d8bc1f5ddad6a http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_amd64.deb Size/MD5 checksum: 39988 3ae59e939bb67cb743c655089d7c66a7 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_amd64.deb Size/MD5 checksum: 176496 bb458a66c0422f2c567e0f5bc0db6fc0 http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_amd64.deb Size/MD5 checksum: 259796 ace9bd92aec68b79785d812112df3b8c ARM architecture: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_arm.deb Size/MD5 checksum: 63924 13852fbd45ab407a4d12529d3c9af7d1 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_arm.deb Size/MD5 checksum: 39600 c11f5ed1c7d9867e2d3c8feebffeafc7 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_arm.deb Size/MD5 checksum: 2171292 a28d43cf47bbf88d6eb750eb32b318ee http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_arm.deb Size/MD5 checksum: 37314 c12fda2e2e2d6d35ca7b7907e8276cd6 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_arm.deb Size/MD5 checksum: 174878 4685182160e39404d8f15fe249b64a5e http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_arm.deb Size/MD5 checksum: 249784 0f7eeccd53136dcd6bb78ea6020e73b0 HP Precision architecture: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_hppa.deb Size/MD5 checksum: 68278 35e8f30df61e0c77fd22b8c02e2f6ebb http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_hppa.deb Size/MD5 checksum: 43282 c0d8fe7883d6d4aff3824549bb221e89 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_hppa.deb Size/MD5 checksum: 2173730 4b003090224b6fedf73abd38a1a32eb2 http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_hppa.deb Size/MD5 checksum: 39456 33b5e0dbc1dc6aff76b0b5f4164b8256 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_hppa.deb Size/MD5 checksum: 202698 75ddd21a939d57b35a0f2256bf0d99f7 http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_hppa.deb Size/MD5 checksum: 283454 82057fdf8dca950c4dd3a72b5b6f811a Intel IA-32 architecture: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_i386.deb Size/MD5 checksum: 65200 a945220bc5697dece23aafc00fed3d5f http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_i386.deb Size/MD5 checksum: 40308 60923ec7ee8c7b86881f4e5389cf43cb http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_i386.deb Size/MD5 checksum: 2171624 59374c11897bcaf9f3dc7c71bcb6fa56 http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_i386.deb Size/MD5 checksum: 38038 05b67aee86f2c60105806ad74d77e32d http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_i386.deb Size/MD5 checksum: 159720 074ef1d4d28391d2eb394ea24c702e78 http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_i386.deb Size/MD5 checksum: 254468 a80e82dfeb22354d3623a40e85fbbcc6 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_ia64.deb Size/MD5 checksum: 81828 c46f0b2c499e816a3cb440d0651a2b55 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_ia64.deb Size/MD5 checksum: 55246 7a442d4f53746822fe60cb1628730d00 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_ia64.deb Size/MD5 checksum: 2180272 33333853b7919432646bcfdae6abd54c http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_ia64.deb Size/MD5 checksum: 49190 53a172cf4d463f4e1650d33b4851e832 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_ia64.deb Size/MD5 checksum: 252174 8e184d5dba13b625ae0e44e89485c6a7 http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_ia64.deb Size/MD5 checksum: 317870 2222c0d7e5cf059381ebd9a151b8a5af Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_m68k.deb Size/MD5 checksum: 62518 7f0f240a3ecc077fc140e88bac5b1fe8 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_m68k.deb Size/MD5 checksum: 38194 06f87cf4f5bcccf1f8d8b1099bef70d3 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_m68k.deb Size/MD5 checksum: 2170504 809d90d8aedaa980866431ffa90a28aa http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_m68k.deb Size/MD5 checksum: 35070 02f5faec5ab1070cb09e5488d24d910b http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_m68k.deb Size/MD5 checksum: 146328 99c2e58e91dbbf20c126b29f0af6bc2c http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_m68k.deb Size/MD5 checksum: 250494 87ad44430613edb59b8b8d300786a8b7 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_mips.deb Size/MD5 checksum: 67956 2e78155905e710e6b0ff27b53e45f269 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_mips.deb Size/MD5 checksum: 43800 fb236f7c6cf785d6a55aae1a4515338a http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_mips.deb Size/MD5 checksum: 2173046 ac2d5755af45a3d4a0c20c29508066c8 http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_mips.deb Size/MD5 checksum: 37668 48b4aa4c897d00929da982ef07c8a15a http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_mips.deb Size/MD5 checksum: 195568 bb600d223c0b65faa1b646df27dc7e74 http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_mips.deb Size/MD5 checksum: 257606 679b4cce53bcc33e8ac10650aff4c5a0 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_mipsel.deb Size/MD5 checksum: 67556 4520d58dd04533e2777f3cca4975a4d3 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_mipsel.deb Size/MD5 checksum: 43598 92da7fbb103c7a1c37b05522ae1e19a2 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_mipsel.deb Size/MD5 checksum: 2173008 e6745c1d5156d5cfca2dac85be5f1423 http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_mipsel.deb Size/MD5 checksum: 37954 95d22e916f84828d555c5d13674e5d4c http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_mipsel.deb Size/MD5 checksum: 191974 604b00ff88ac5373c196248e906beb0d http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_mipsel.deb Size/MD5 checksum: 255282 e904a9e0a41a5256e36fc71781135f05 PowerPC architecture: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_powerpc.deb Size/MD5 checksum: 69294 07c0764302ddd5a9140581c6ede04487 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_powerpc.deb Size/MD5 checksum: 44674 8c9d17ca61c993632aa25da98c8b6cef http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_powerpc.deb Size/MD5 checksum: 2173668 5a591aa69f1d101cfce0597398c25ae6 http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_powerpc.deb Size/MD5 checksum: 38870 8ea03838330fa3c56482e2f343c5431a http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_powerpc.deb Size/MD5 checksum: 187714 10bc94cec5fa66dcff4c76f49ba2e3c1 http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_powerpc.deb Size/MD5 checksum: 264980 c5452abaf240f6f8d927ef69ea29d0b5 IBM S/390 architecture: http://security.debian.org/pool/updates/main/c/clamav/clamav_0.84-2.sarge.11_s390.deb Size/MD5 checksum: 67898 68e72a9d5ac378fc62e1cd6bb076da18 http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.84-2.sarge.11_s390.deb Size/MD5 checksum: 43554 207dcf7c5897971f44c5afbed4b660e5 http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.84-2.sarge.11_s390.deb Size/MD5 checksum: 2172956 7408bb7618f0b0d4b984e009b15e3a34 http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.84-2.sarge.11_s390.deb Size/MD5 checksum: 38932 dc9a5cc5dfcbd829dc65811713d84ba8 http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.84-2.sarge.11_s390.deb Size/MD5 checksum: 182686 a743f6f9a8dd3aa06e51c168e6a78cf2 http://security.debian.org/pool/updates/main/c/clamav/libclamav1_0.84-2.sarge.11_s390.deb Size/MD5 checksum: 269600 382c4a08915ddc6d50208aeb9468bdab 补丁安装方法： 1. 手工安装补丁包：首先，使用下面的命令来下载补丁软件： # wget url (url是补丁下载链接地址) 然后，使用下面的命令来安装补丁： # dpkg -i file.deb (file是相应的补丁名) 2. 使用apt-get自动安装补丁包：首先，使用下面的命令更新内部数据库： # apt-get update 然后，使用下面的命令安装更新软件包： # apt-get upgrade ClamAV ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://sourceforge.net/project/shownotes.php?release_id=455799

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有0条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

VULHUB ™