Hi all, On Sun Dec 30 there was a post to the Full Disclosure mailing list regarding several vulnerabilities in ClamAV 0.92. I haven't seen any discussion on the clamav-devel list and can't seem to find a Bugzilla entry for these issues.
The authors seem to have identified a race condition in cli_gentempfd that he claims can be used to get malicious files past the Clam engine. They also discuss a bypass using Base64-UUEncoded files, as well as insecure file handling in sigtool. Have any of the ClamAV developers looked at this vulnerability disclosure? Are these real issues? http://seclists.org/fulldisclosure/2007/Dec/0625.html Many thanks, c0uch _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
