ClamAV multiple vulnerabilities

Advisory ID CVE Number Date discovered Severity Advisory revision
STORM-2018-003 CVE-2012-6706 , CVE-2017-6419 , CVE-2017-11423 , CVE-2018-1000085 , CVE-2018-0202 03/01/2018 medium v1

Vulnerability details

A new ClamAV release discloses the following vulnerabilities in ClamAV. Theses vulnerabilities could let an attacker cause denial of service or arbitrary code execution.

Products

ProductSeverityDetail
Stormshield Network Security medium SNS uses a vulnerable version of ClamAV
Stormshield Endpoint Security

None

SES does not use ClamAV
Stormshield Data Security

None

SDS does not use ClamAV
Fast360

None

Fast does not use ClamAV
Netasq medium Netasq uses a vulnerable version of ClamAV

Revisions

Version Date Description
v1  03/12/2018 Initial release

 



Stormshield Network Security

CVSS Overall Score: 5.9      

Analysis

Impacted version

An attacker could craft an email containing an attached document which, while analyzed by ClamAV, causes denial of service or arbitrary code execution.

  • SNS 1.0.0 to 3.4.1

Workaround solution

Solution

Use Kaspersky antivirus engine as an alternative, or turn ClamAV off.

The 3.4.2 and 2.11 updates fix this vulnerability.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Network Low None Complete Complete Complete
CVSS Base score: 10 CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Remediation Level Report Confidence
Proof of concept code Official fix Confirmed
CVSS Temporal score: 7.8 CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
None Medium [26-75%]
CVSS Environmental score: 5.9 CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C/CDP:N/TD:M)


Netasq

CVSS Overall Score: 5.9      

Analysis

Impacted version

An attacker could craft an email containing an attached document which, while analyzed by ClamAV, causes denial of service or arbitrary code execution.

All Netasq versions are impacted.

Workaround solution

Solution

Use Kaspersky antivirus engine as an alternative or turn ClamAV off.

The 3.4.2 and 2.11 updates fix this vulnerability.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Network Low None Complete Complete Complete
CVSS Base score: 10 CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Exploitability Remediation Level Report Confidence
Proof of concept code Official fix Confirmed
CVSS Temporal score: 7.8 CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
None Medium [26-75%]
CVSS Environmental score: 5.9 CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:OF/RC:C/CDP:N/TD:M)