FreeBSD : clamav -- heap overflow vulnerability (342d2e48-26db-11db-9275-000475abc56f)
High Nessus Plugin ID 22198
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionClamav team reports :
A heap overflow vulnerability was discovered in libclamav which could cause a denial of service or allow the execution of arbitrary code.
The problem is specifically located in the PE file rebuild function used by the UPX unpacker.
Relevant code from libclamav/upx.c :
memcpy(dst, newbuf, foffset); *dsize = foffset; free(newbuf);
cli_dbgmsg('UPX: PE structure rebuilt from compressed file\n'); return 1;
Due to improper validation it is possible to overflow the above memcpy() beyond the allocated memory block.
SolutionUpdate the affected packages.