We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Attackers exploit ClamAV antivirus scanner

Patch now available for open-source tool

Attackers have found a way to exploit a vulnerability in the popular open-source ClamAV antivirus scanner, according to Danish bug-tracking company Secunia. On Monday, the ClamAV team updated the scanner to fix the flaw.

Secunia said a vulnerability within the ""cli_scanpe()" function in "libclamav/pe.c" could be exploited with a rigged "Upack" file. In a warning posted on Monday Secunia credited one of its own researchers, Alin Rad Pop, with finding and reporting the bug, and ranked the threat as 'highly critical', its second-highest rating.

ClamAV is most often used to scan incoming files attachments at an email gateway; although it's designed for UNIX, versions are available for Windows. Apple also packages ClamAV with its server operating systems, including the current production version of Mac OS X Server 10.5.

About a month ago, Apple issued a massive security update that fixed nearly 90 vulnerabilities in its operating systems, including nine ClamAV bugs present in Server 10.5, to bring Mac OS X's version in line with the still current ClamAV 0.90.3.

ClamAV version 0.93 patches the vulnerability, and can be downloaded from the open-source project's website.

Prior to issuing the patch, ClamAV had remotely disabled the vulnerable module, said a ClamAV spokesman. "Note that one week ago the vulnerable module has been switched off via DCONF using a special CVD update so older installations cannot be exploited," said Luca Gibelli in an email.

Users unable to deploy the patch who have also not updated ClamAV's signatures - the program received those as CVD, or ClamAV Virus Database file - should not scan untrusted Portable Executable (PE) files, Secunia recommended.

IDG UK Sites

Samsung Galaxy S6 launch as it happened: Galaxy S6 launch video and live blog - watch again as...

IDG UK Sites

5 things we hate about MWC: What it's like to be a journalist at a technology trade show

IDG UK Sites

Interview: Lauren Currie aims to help design students bridge skills gap

IDG UK Sites

12in Retina MacBook Air release date rumours: new MacBook Air to have fingerprint ID, could launch...