ClamAV multiple vulnerabilities

Advisory ID CVE Number Date discovered Severity Advisory revision
STORM-2018-002 CVE-2017-12374 , CVE-2017-12375 , CVE-2017-12376 , CVE-2017-12377 , CVE-2017-12378 , CVE-2017-12379 , CVE-2017-12380 10/26/2017 medium v1

Vulnerability details

It was discovered that ClamAV incorrectly handled parsing certain mail messages, PDF files, mew packet files and TAR files. A remote attacker could use this issue to cause ClamAV to crash or possibly execute arbitrary code.

Products

ProductSeverityDetail
Stormshield Network Security medium SNS uses a vulnerable version of ClamAV
Stormshield Endpoint Security

None

SES does not use ClamAV
Stormshield Data Security

None

SDS does not use ClamAV
Fast360

None

Fast does not use ClamAV
Netasq medium SNS uses a vulnerable version of ClamAV

Revisions

Version Date Description
v1  01/29/2018 Initial release

 



Stormshield Network Security

CVSS Overall Score: 5.9      

Analysis

Impacted version

A remote attacker could use this issue to cause ClamAV to crash or possibly execute arbitrary code.

  • SNS 1.0.0 to 3.4.0

Workaround solution

Solution

Use Kaspersky antivirus engine as an alternative or turn it off.

The 3.4.1 and 2.11 update fix this vulnerability.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Network Low None Complete Complete Complete
CVSS Base score: 10 CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Remediation Level Report Confidence
Proof of concept code Official fix Confirmed
CVSS Temporal score: 7.8 CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
None Medium [26-75%]
CVSS Environmental score: 5.9 CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C/CDP:N/TD:M)


Netasq

CVSS Overall Score: 5.9      

Analysis

Impacted version

A remote attacker could use this issue to cause ClamAV to crash or possibly execute arbitrary code.

  • All Netasq releases

Workaround solution

Solution

Use Kaspersky antivirus engine as an alternative or turn it off.

The 3.4.1 and 2.11 update fix this vulnerability.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Network Low None Complete Complete Complete
CVSS Base score: 10 CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Remediation Level Report Confidence
Proof of concept code Official fix Confirmed
CVSS Temporal score: 7.8 CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
None Medium [26-75%]
CVSS Environmental score: 5.9 CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C/CDP:N/TD:M)