contents | software | |||||||
| SonicWALL Protects Users From ClamAV Vulnerability SonicWALL has issued a Gateway Anti-Virus signature for users of its Internet threat prevention technology to enable day zero protection from a vulnerability in Clam AntiVirus (ClamAV). The vulnerability in the widely used ClamAV open source gateway and client anti-virus software could lead to unauthorized hackers taking control of a user's system. SonicWALL uses proprietary gateway anti-virus, which is not affected by this vulnerability. The Clam AntiVirus Win32-UPX Heap Overflow vulnerability is due to a heap overflow error in "libclamav/upx.c" when scanning malformed UPX-packed executables. This could be exploited by an unauthenticated remote attacker to execute arbitrary commands or crash an affected application by sending an e- mail containing a specially crafted UPX file to a system running ClamAV. SonicWALL has deployed a signature for its Unified Threat Management (UTM) devices that blocks potential ClamAV Heap Overflow exploits at the gateway. SonicWALL delivers zero day gateway anti- virus and intrusion prevention signatures to its subscribers on a continual basis, to defend against new and existing Internet attacks and exploit. write your comments about the article :: © 2006 Computing News :: home page |