Re: [Clamav-devel] Vulnerability with using ditto on OS X
On 28 May 2005, at 11:25 pm, Jakub Jankowski wrote:

> http://www.securityfocus.com/bid/13795
>
> not vulnerable
> Clam Anti-Virus ClamAV 0.84
> Clam Anti-Virus ClamAV 0.85
> Clam Anti-Virus ClamAV 0.85.1

Ok, now I feel stupid - I never even noticed that menu bar! :-(

Thanks

> PS. Top-posting is bad.

Not something I've heard before, but point taken.

___
http://lurker.clamav.net/list/clamav-devel.html

Re: [Clamav-devel] Vulnerability with using ditto on OS X
On 2005-05-28, Mark Allan wrote:

> On 28 May 2005, at 11:15 pm, Jakub Jankowski wrote:
>> Take a look at the last line you've pasted:
>
> Take a look at the FIRST line. I said I don't know when the article was
> written - it may have been before 0.85.1 and maybe even before 0.84!

http://www.securityfocus.com/bid/13795

not vulnerable
Clam Anti-Virus ClamAV 0.84
Clam Anti-Virus ClamAV 0.85
Clam Anti-Virus ClamAV 0.85.1

PS. Top-posting is bad.

--
Jakub Jankowski     | http://s.atn.pl/         | Real programmers don't
Sysadm, programmer  | http://www.slackware.pl/ | comment their code.
[EMAIL PROTECTED]   | http://www.gnugadu.org/  | It was hard to write, it
as shasta on IRCnet | http://www.irssi.org/    | should be hard to understand.

Re: [Clamav-devel] Vulnerability with using ditto on OS X
Take a look at the FIRST line. I said I don't know when the article was written - it may have been before 0.85.1 and maybe even before 0.84!

On 28 May 2005, at 11:15 pm, Jakub Jankowski wrote:

> Take a look at the last line you've pasted:

Re: [Clamav-devel] Vulnerability with using ditto on OS X
On 2005-05-28, Mark Allan wrote:

> As there is no date to show when this article was written, I'm not sure
> if it takes into account 0.85.1
>
> Can anyone comment?

Take a look at the last line you've pasted:

> [...]
> ClamAV versions 0.80rc4 to 0.84rc2 are affected by this issue.

HTH

--
Jakub Jankowski     | http://s.atn.pl/         | Real programmers don't
Sysadm, programmer  | http://www.slackware.pl/ | comment their code.
[EMAIL PROTECTED]   | http://www.gnugadu.org/  | It was hard to write, it
as shasta on IRCnet | http://www.irssi.org/    | should be hard to understand.

[Clamav-devel] Vulnerability with using ditto on OS X
As there is no date to show when this article was written, I'm not sure if it takes into account 0.85.1

Can anyone comment?

http://www.securityfocus.com/bid/13795/discussion/

Thanks,
Mark

Article contents:

Clam Anti-Virus ClamAV running on Mac OS X is affected by a command execution vulnerability. Reportedly, when a suspected infected file is handled by the application and it cannot be removed, the application may attempt to copy it to another location using the Mac OS X 'ditto' utility. The 'ditto' utility is called in an insecure manner and the responsible function fails to sanitize the file name, allowing an attacker to include arbitrary commands in the file name that will be executed in the context of ClamAV. This can allow an attacker to gain unauthorized access to an affected computer. It should be noted that the exploitation of the vulnerability is only possible when a malicious file is copied. ClamAV versions 0.80rc4 to 0.84rc2 are affected by this issue.
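
Added example, not part of the original thread and not ClamAV source: the class of bug the article describes, next to a copy routine that never involves a shell. It assumes the insecure call builds a command string for the shell; the function names are hypothetical and /bin/cp stands in for 'ditto'.

```c
/* Added example, not ClamAV source: copying a flagged file with an external tool. */
#define _POSIX_C_SOURCE 200809L
#include <spawn.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <unistd.h>

extern char **environ;
/* Assumption: /bin/cp stands in for Mac OS X 'ditto' so the example runs elsewhere. */
#define COPY_TOOL "/bin/cp"

/* UNSAFE (assumed shape of the bug): the name becomes part of a string that
 * /bin/sh parses, so ';', '`' or '$()' inside it are treated as shell syntax. */
int copy_via_shell(const char *src, const char *dst) {
    char cmd[4096];
    int n = snprintf(cmd, sizeof cmd, COPY_TOOL " %s %s", src, dst);
    return (n < 0 || (size_t)n >= sizeof cmd) ? -1 : system(cmd);
}

/* Hardened: no shell is involved; each path is exactly one argv element.
 * "--" ends cp's option parsing, so a name starting with '-' stays a name. */
int copy_via_argv(const char *src, const char *dst) {
    char *argv[] = { "cp", "--", (char *)src, (char *)dst, NULL };
    pid_t pid;
    int status;
    if (posix_spawn(&pid, COPY_TOOL, NULL, NULL, argv, environ) != 0)
        return -1;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

/* Constructed test case: a file name containing shell metacharacters.
 * Returns 1 if the copy exists under its literal name, i.e. it was pure data. */
int demo_hardened(void) {
    char dir[] = "/tmp/qcopyXXXXXX", src[256], dst[256];
    struct stat st;
    FILE *f;
    if (!mkdtemp(dir)) return -1;
    snprintf(src, sizeof src, "%s/sample $(date);x.bin", dir);
    snprintf(dst, sizeof dst, "%s/copy $(date);x.bin", dir);
    if (!(f = fopen(src, "w"))) return -1;
    fputs("constructed sample\n", f);
    fclose(f);
    if (copy_via_argv(src, dst) != 0) return -1;
    return stat(dst, &st) == 0;
}
```

Escaping the name before a shell call is easy to get wrong; passing it as an argument vector removes the parsing step altogether.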