CVE-2004-0270
published 2004-11-23CVE-2004-0270: libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g.…
PriorityP418medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
10.41%
95.2th percentile
libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clam_anti-virus | clamav | — | — |
| clamav | clamav | >= 0 < 0.80 | 0.80 |
| clamav | clamav | >= 0 < 0.80 | 0.80 |
| clamav | clamav | >= 0 < 0.80 | 0.80 |
| clamav | clamav | >= 0 < 0.80 | 0.80 |
| debian | clamav | < clamav 0.80 (bookworm) | clamav 0.80 (bookworm) |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-mr7m-j7jh-35hw: libclamav in Clam AntiVirus 0
ghsa_unreviewed·2022-04-29
CVE-2004-0270 [MEDIUM] GHSA-mr7m-j7jh-35hw: libclamav in Clam AntiVirus 0
libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.
OSV
CVE-2004-0270: libclamav in Clam AntiVirus 0
osv·2004-11-23·CVSS 5.0
CVE-2004-0270 [MEDIUM] CVE-2004-0270: libclamav in Clam AntiVirus 0
libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.
Debian
CVE-2004-0270: clamav - libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of se...
vendor_debian·2004·CVSS 5.0
CVE-2004-0270 [MEDIUM] CVE-2004-0270: clamav - libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of se...
libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.
Scope: local
bookworm: resolved (fixed in 0.80)
bullseye: resolved (fixed in 0.80)
forky: resolved (fixed in 0.80)
sid: resolved (fixed in 0.80)
trixie: resolved (fixed in 0.80)
No detection rules found.
No writeups or analysis indexed.
CWE
Reachable Assertion
mitre_cwe·CVSS 7.5
[HIGH] CWE-617 Reachable Assertion
CWE-617: Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
While assertion is good for catching logic errors and reducing the chances of reaching more serious vulnerability conditions, it can still lead to a denial of service. For example, if a server handles multiple simultaneous connections, and an assert() occurs in one single connection that causes all other connections to be dropped, this is a reachable assertion that leads to a denial of service.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Availability. Impact: DoS: Crash, Exit, or Restart. An attacker that can trigger an assert statement can still lead
CWE
Improper Handling of Unexpected Data Type
mitre_cwe·CVSS 5.0
[MEDIUM] CWE-241 Improper Handling of Unexpected Data Type
CWE-241: Improper Handling of Unexpected Data Type
The product does not handle or incorrectly handles when a particular element is not the expected type, e.g. it expects a digit (0-9) but is provided with a letter (A-Z).
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Integrity, Other. Impact: Varies by Context, Unexpected State.
Potential Mitigations:
[Implementation] Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does. When performing input validation, consider all potentially relevant properties, including length, type of input, the full rang
CWE
Improper Handling of Syntactically Invalid Structure
mitre_cwe·CVSS 5.0
[MEDIUM] CWE-228 Improper Handling of Syntactically Invalid Structure
CWE-228: Improper Handling of Syntactically Invalid Structure
The product does not handle or incorrectly handles input that is not syntactically well-formed with respect to the associated specification.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Integrity, Availability. Impact: Unexpected State, DoS: Crash, Exit, or Restart, DoS: Resource Consumption (CPU). If an input is syntactically invalid, then processing the input could place the system in an unexpected state that could lead to a crash, consume available system resources or other unintended behaviors.
Detection Methods:
Automated Static Analysis: Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source
http://marc.info/?l=bugtraq&m=107634700823822&w=2http://security.gentoo.org/glsa/glsa-200402-07.xmlhttp://www.freebsd.org/cgi/query-pr.cgi?pr=62586http://www.osvdb.org/3894http://www.securityfocus.com/bid/9610https://exchange.xforce.ibmcloud.com/vulnerabilities/15077http://marc.info/?l=bugtraq&m=107634700823822&w=2http://security.gentoo.org/glsa/glsa-200402-07.xmlhttp://www.freebsd.org/cgi/query-pr.cgi?pr=62586http://www.osvdb.org/3894http://www.securityfocus.com/bid/9610https://exchange.xforce.ibmcloud.com/vulnerabilities/15077
2004-11-23
Published