Gentoo Logo

ClamAV: Buffer overflow in Freshclam


1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200605-03 / clamav
Release Date May 02, 2006
Latest Revision May 02, 2006: 01
Impact normal
Exploitable remote
Package Vulnerable versions Unaffected versions Architecture(s)
app-antivirus/clamav < 0.88.2 >= 0.88.2 All supported architectures

Related bugreports: #131791


Freshclam is vulnerable to a buffer overflow that could lead to execution of arbitrary code.

2.  Impact Information


ClamAV is a GPL virus scanner. Freshclam is a utility to download virus signature updates.


Ulf Harnhammar and an anonymous German researcher discovered that Freshclam fails to check the size of the header data returned by a webserver.


By enticing a user to connect to a malicious webserver an attacker could cause the execution of arbitrary code.

3.  Resolution Information


There is no known workaround at this time.


All ClamAV users should upgrade to the latest version:

Code Listing 3.1: Resolution

# emerge --sync
# emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.88.2"

4.  References


Page updated May 02, 2006

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.