CVE-2011-2721
Published: 27 July 2011
Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations.
Notes
Author | Note |
---|---|
mdeslaur | maverick and older don't have affected code |
Priority
Status
Package | Release | Status |
---|---|---|
clamav Launchpad, Ubuntu, Debian |
upstream |
Released
(0.97.2)
|
hardy |
Not vulnerable
(code not present)
|
|
lucid |
Not vulnerable
(code not present)
|
|
maverick |
Not vulnerable
(code not present)
|
|
natty |
Released
(0.97+dfsg-2ubuntu1.1)
|
|
Patches: upstream: http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=656dfd0b86817c05cc67964823fb4da8790f243d (backporting) upstream: http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=4842733eb3f09be61caeed83778bb6679141dbc5 |