Serious Vulnerabilities Reported in Open Source Anti-Virus
ClamAV is widely distributed with Mac OS X Server and open source servers. Flaws can compromise server. Fixes are available.A mysterious security research group is reporting that they have found several serious vulnerabilities in the ClamAV open source antivirus program. According to the advisory, the vulnerabilities are heap overflows in the processing of certain file formats, specifically TNEF, CHM and FSG. Because of the nature of the server, which is typically used to scan incoming e-mail and files attached to it, the vulnerabilities may be invoked simply by sending e-mail with malformed attachments to an address on a vulnerable server. The advisory claims that version 0.86.1 and earlier are affected. On Sunday ClamAV released 0.86.2, which fixes the problems. ClamAV is available for Unix and Linux broadly, and included in many Linux distributions, including Suse and Debian.
Many security-service packages, such as Roaring Penguins and appliances, such as those from Barracuda Networks, are built on ClamAVs software.