var-201606-0327
Vulnerability from variot

libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503. Vendors have confirmed this vulnerability Bug ID CSCuv78533 It is released as.Denial of service operations through crafted documents by third parties (AMP Restart process ) There is a possibility of being put into a state. Multiple Cisco products are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the AMP process to restart, resulting in a denial-of-service condition. This issue is being tracked by Cisco Bug IDs CSCuv78533, and CSCuw60503. This issue is fixed in: Cisco ClamAV 0.99 Cisco Email Security Appliance 9.7.0-125 Cisco Web Security Appliance 9.1.1-041, and 9.0.1-135. Clam AntiVirus (ClamAV) is a set of free and open-source antivirus software developed by the ClamAV team to detect Trojans, viruses, malware, and other malicious threats. A security vulnerability exists in libclamav in ClamAV in Cisco AMP for ESA and WSA due to the program not properly parsing input files. The following products and versions are affected: Cisco AMP for ESA before 9.7.0-125, Cisco AMP for WSA before 9.0.1-135, and Cisco AMP for WSA 9.1.x before 9.1.1-041. =========================================================================== Ubuntu Security Notice USN-3093-1 September 28, 2016

clamav vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary:

ClamAV could be made to crash or run programs if it processed a specially crafted file.

Software Description: - clamav: Anti-virus utility for Unix

Details:

It was discovered that ClamAV incorrectly handled certain malformed files.

In the default installation, attackers would be isolated by the ClamAV AppArmor profile.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS: clamav 0.99.2+dfsg-0ubuntu0.16.04.1

Ubuntu 14.04 LTS: clamav 0.99.2+addedllvm-0ubuntu0.14.04.1

Ubuntu 12.04 LTS: clamav 0.99.2+addedllvm-0ubuntu0.12.04.1

This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes.

References: http://www.ubuntu.com/usn/usn-3093-1 CVE-2016-1371, CVE-2016-1372, CVE-2016-1405

Package Information: https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-0ubuntu0.16.04.1 https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.14.04.1 https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.12.04.1

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201606-0327",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "clamav",
        "scope": null,
        "trust": 1.4,
        "vendor": "clamav",
        "version": null
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "8.8.0-085"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "9.6.0-042"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "9.1.0-070"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "9.5.0-284"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "clamav",
        "version": "*"
      },
      {
        "model": "web security the appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "9.1.x"
      },
      {
        "model": "web security the appliance",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "9.1.1-041"
      },
      {
        "model": "linux lts",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "16.04"
      },
      {
        "model": "linux lts",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "14.04"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.04"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.04"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.7"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.5"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5.1"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.4"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.3"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.2"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.1"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.0"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.8"
      },
      {
        "model": "web security appliance 8.7.0-171-ld",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.7"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.6"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.3-051"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.2-004"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.1-021"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.0.000"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.0-497"
      },
      {
        "model": "web security appliance hot patch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.51"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.1.0-235"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.1"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.8-113"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.7-151"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.7-142"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.6-115"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.6-078"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.6-073"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.6"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.7.0-757"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.7.0-725"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.7.0-602"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.7.0-550"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.7"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5.1-201"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5.0-838"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.4-101"
      },
      {
        "model": "web security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.3-013"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.2"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6.2"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5.2"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.5"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.3.2"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.3.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.3"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.5"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.4"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.3"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.2"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.6.0-051"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.6.0-046"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.6"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.5.0-201"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.5"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.1.1-023"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.1.0-032"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.1"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.0.0-461"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.0"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.7-043"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.7-042"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.6-074"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.6-073"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5.6-106"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.5"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "8.0.1-023"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.8"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.6.3-019"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "7.1.5-106"
      },
      {
        "model": "email security appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3.1-09"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.98.7"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.98.5"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.98.4"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.98"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.97.8"
      },
      {
        "model": "clamav",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.98.6"
      },
      {
        "model": "web security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.1.1-041"
      },
      {
        "model": "web security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.0.1-135"
      },
      {
        "model": "email security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "9.7.0-125"
      },
      {
        "model": "clamav",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "0.99"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "90968"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:clamav:clamav",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:cisco:email_security_appliance",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:cisco:web_security_appliance",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "90968"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2016-1405",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2016-1405",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-90224",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2016-1405",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2016-1405",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2016-1405",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201605-717",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-90224",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "libclamav in ClamAV (aka Clam AntiVirus), as used in Advanced Malware Protection (AMP) on Cisco Email Security Appliance (ESA) devices before 9.7.0-125 and Web Security Appliance (WSA) devices before 9.0.1-135 and 9.1.x before 9.1.1-041, allows remote attackers to cause a denial of service (AMP process restart) via a crafted document, aka Bug IDs CSCuv78533 and CSCuw60503. Vendors have confirmed this vulnerability Bug ID CSCuv78533 It is released as.Denial of service operations through crafted documents by third parties (AMP Restart process ) There is a possibility of being put into a state. Multiple Cisco products are prone to a remote denial-of-service vulnerability. \nAn attacker can exploit this issue to cause the AMP process to restart, resulting in a denial-of-service condition. \nThis issue is being tracked by Cisco Bug IDs CSCuv78533, and CSCuw60503. \nThis issue is fixed in:\nCisco ClamAV 0.99\nCisco Email Security Appliance 9.7.0-125\nCisco Web Security Appliance 9.1.1-041, and 9.0.1-135. Clam AntiVirus (ClamAV) is a set of free and open-source antivirus software developed by the ClamAV team to detect Trojans, viruses, malware, and other malicious threats. A security vulnerability exists in libclamav in ClamAV in Cisco AMP for ESA and WSA due to the program not properly parsing input files. The following products and versions are affected: Cisco AMP for ESA before 9.7.0-125, Cisco AMP for WSA before 9.0.1-135, and Cisco AMP for WSA 9.1.x before 9.1.1-041. \n===========================================================================\nUbuntu Security Notice USN-3093-1\nSeptember 28, 2016\n\nclamav vulnerabilities\n===========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nClamAV could be made to crash or run programs if it processed a specially\ncrafted file. \n\nSoftware Description:\n- clamav: Anti-virus utility for Unix\n\nDetails:\n\nIt was discovered that ClamAV incorrectly handled certain malformed files. \n\nIn the default installation, attackers would be isolated by the ClamAV\nAppArmor profile. \n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n  clamav                          0.99.2+dfsg-0ubuntu0.16.04.1\n\nUbuntu 14.04 LTS:\n  clamav                          0.99.2+addedllvm-0ubuntu0.14.04.1\n\nUbuntu 12.04 LTS:\n  clamav                          0.99.2+addedllvm-0ubuntu0.12.04.1\n\nThis update uses a new upstream release, which includes additional bug\nfixes. In general, a standard system update will make all the necessary\nchanges. \n\nReferences:\n  http://www.ubuntu.com/usn/usn-3093-1\n  CVE-2016-1371, CVE-2016-1372, CVE-2016-1405\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-0ubuntu0.16.04.1\n  https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.14.04.1\n  https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.12.04.1\n\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "BID",
        "id": "90968"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "db": "PACKETSTORM",
        "id": "138895"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-1405",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "90968",
        "trust": 1.4
      },
      {
        "db": "SECTRACK",
        "id": "1035994",
        "trust": 1.1
      },
      {
        "db": "SECTRACK",
        "id": "1035993",
        "trust": 1.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2016.1376",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-90224",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "138895",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "db": "BID",
        "id": "90968"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "PACKETSTORM",
        "id": "138895"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "id": "VAR-201606-0327",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      }
    ],
    "trust": 0.54899413
  },
  "last_update_date": "2024-11-23T22:26:55.526000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20160531-wsa-esa",
        "trust": 0.8,
        "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa"
      },
      {
        "title": "ChangeLog",
        "trust": 0.8,
        "url": "https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog"
      },
      {
        "title": "Cisco Advance Malware Protection for Email Security Appliance  and Web Security Appliance Clam AntiVirus Remediation measures for denial of service vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=62025"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160531-wsa-esa"
      },
      {
        "trust": 1.7,
        "url": "https://github.com/vrtadmin/clamav-devel/blob/master/changelog"
      },
      {
        "trust": 1.2,
        "url": "http://www.ubuntu.com/usn/usn-3093-1"
      },
      {
        "trust": 1.1,
        "url": "http://www.securityfocus.com/bid/90968"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1035993"
      },
      {
        "trust": 1.1,
        "url": "http://www.securitytracker.com/id/1035994"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1405"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1405"
      },
      {
        "trust": 0.6,
        "url": "http://www.auscert.org.au/./render.html?it=35274"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1371"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.99.2+dfsg-0ubuntu0.16.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.14.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/clamav/0.99.2+addedllvm-0ubuntu0.12.04.1"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1372"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-1405"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "db": "BID",
        "id": "90968"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "PACKETSTORM",
        "id": "138895"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "db": "BID",
        "id": "90968"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "db": "PACKETSTORM",
        "id": "138895"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-06-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "date": "2016-05-31T00:00:00",
        "db": "BID",
        "id": "90968"
      },
      {
        "date": "2016-06-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "date": "2016-09-29T04:25:18",
        "db": "PACKETSTORM",
        "id": "138895"
      },
      {
        "date": "2016-05-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "date": "2016-06-08T14:59:12.827000",
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90224"
      },
      {
        "date": "2016-10-03T09:01:00",
        "db": "BID",
        "id": "90968"
      },
      {
        "date": "2016-06-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      },
      {
        "date": "2016-06-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      },
      {
        "date": "2024-11-21T02:46:22.860000",
        "db": "NVD",
        "id": "CVE-2016-1405"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "138895"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco E Email Security Appliance and  Web Security Used by appliance devices  ClamAV Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003096"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201605-717"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.