Off-by-One Error in ClamAV Leading to Denial of Service
CVE-2011-2721

Currently unrated

Key Information:

Vendor

Clamav

Status
Clamav
Vendor
CVE Published:
5 August 2011

What is CVE-2011-2721?

The off-by-one error in the cli_hm_scan function within matcher-hash.c of ClamAV can be exploited by remote attackers to trigger a denial of service. This occurs through specially crafted email messages, which cause a crash of the ClamAV daemon due to improper handling during hash calculations. It is critical for users to ensure they are running versions of ClamAV that are patched to address this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/45382
third-party-advisoryx_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce...
vendor-advisoryx_refsource_FEDORA
http://git.clamav.net/gitweb?p=clamav-devel.git%3Ba=blob_...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.