14 Dec 2006 09:58
Bug#403034: Deep MIME Nesting Content Filter Bypass
Hendrik Weimer <hendrik <at> enyo.de>
2006-12-14 08:58:09 GMT
Package: clamav
Version: 0.88.7-1
Severity: grave
Tags: security

While the new 0.88.7 version fixes CVE-2006-6406 and CVE-2006-6481, the update introduces another flaw that lets viruses pass undetected. If a virus is nested deeper than the --max-mail-recursion limit, the file will pass and ClamAV's exit code indicates that the file was scanned properly. Again, details, PoC, and discussion can be found at http://www.quantenblog.net/security/virus-scanner-bypass.
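A mail gateway can guard against the fail-open behaviour described in this report by measuring MIME nesting depth itself and quarantining anything deeper than the scanner's limit, instead of trusting a clean exit code. The following is an added example, not part of the original report or of ClamAV: `MAX_NESTING`, `mime_depth`, `gate` and `build_nested` are hypothetical names, the depth-counting convention is this example's own assumption, and the sample messages are constructed.

```python
import email
from email.message import Message
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

# Assumption: site value, kept at or below the scanner's --max-mail-recursion.
MAX_NESTING = 8


def mime_depth(msg: Message) -> int:
    """Deepest container nesting; iterative so hostile depth cannot blow the stack."""
    deepest, stack = 0, [(msg, 0)]
    while stack:
        part, depth = stack.pop()
        deepest = max(deepest, depth)
        # is_multipart() is also true for message/rfc822 attachments.
        if part.is_multipart():
            stack.extend((child, depth + 1) for child in part.get_payload())
    return deepest


def gate(raw: bytes, limit: int = MAX_NESTING) -> str:
    """Return 'scan' when the scanner can see every part, else 'quarantine'."""
    try:
        depth = mime_depth(email.message_from_bytes(raw))
    except Exception:
        return "quarantine"  # parser failure on hostile input: fail closed
    return "scan" if depth <= limit else "quarantine"


def build_nested(levels: int) -> bytes:
    """Constructed sample: benign text wrapped in `levels` multipart layers."""
    part = MIMEText("constructed benign body")
    for _ in range(levels):
        outer = MIMEMultipart("mixed")
        outer.attach(part)
        part = outer
    return part.as_bytes()


if __name__ == "__main__":
    for levels in (0, 3, 8, 12):
        print(levels, gate(build_nested(levels)))
```

Messages that come back as `quarantine` should be held or rejected rather than delivered, since the scanner's verdict on them cannot be relied on.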