Details of VAR-202005-0717

ID

VAR-202005-0717

CVE

CVE-2020-3327

TITLE

Clam AntiVirus Input verification vulnerabilities in software

Trust: 0.8

sources: JVNDB: JVNDB-2020-005536

DESCRIPTION

A vulnerability in the ARJ archive parsing module in Clam AntiVirus (ClamAV) Software versions 0.102.2 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a heap buffer overflow read. An attacker could exploit this vulnerability by sending a crafted ARJ file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition. Clam AntiVirus (ClamAV) The software contains an input verification vulnerability.Service operation interruption (DoS) It may be put into a state. Clam AntiVirus is an open source antivirus engine from the ClamAV team for detecting Trojans, viruses, malware and other malicious threats. ========================================================================= Ubuntu Security Notice USN-4435-2 July 27, 2020 clamav vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 ESM - Ubuntu 12.04 ESM Summary: Several security issues were fixed in ClamAV. Software Description: - clamav: Anti-virus utility for Unix Details: USN-4435-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled parsing ARJ archives. (CVE-2020-3327) It was discovered that ClamAV incorrectly handled scanning malicious files. A local attacker could possibly use this issue to delete arbitrary files. (CVE-2020-3350) It was discovered that ClamAV incorrectly handled parsing EGG archives. (CVE-2020-3481) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 ESM: clamav 0.102.4+dfsg-0ubuntu0.14.04.1+esm1 Ubuntu 12.04 ESM: clamav 0.102.4+dfsg-0ubuntu0.12.04.1 This update uses a new upstream release, which includes additional bug fixes. In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4435-2 https://usn.ubuntu.com/4435-1 CVE-2020-3327, CVE-2020-3350, CVE-2020-3481

Trust: 2.16

sources: NVD: CVE-2020-3327 // JVNDB: JVNDB-2020-005536 // VULHUB: VHN-181452 // VULMON: CVE-2020-3327 // PACKETSTORM: 157796 // PACKETSTORM: 158624 // PACKETSTORM: 158626 // PACKETSTORM: 157799

AFFECTED PRODUCTS

vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.04	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	32	Trust: 1.0
vendor:	cisco	model:	clam antivirus	scope:	lte	version:	0.102.2	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	19.10	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	31	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	12.04	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	14.04	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	20.04	Trust: 1.0
vendor:	fedoraproject	model:	fedora	scope:	eq	version:	30	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	clamav	model:	clamav	scope:	eq	version:	0.102.2	Trust: 0.8
vendor:	cisco	model:	clam antivirus	scope:	eq	version:	0.102.2	Trust: 0.1

sources: VULMON: CVE-2020-3327 // JVNDB: JVNDB-2020-005536 // NVD: CVE-2020-3327

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-3327
value:	HIGH
Trust: 1.0
ykramarz@cisco.com:	CVE-2020-3327
value:	HIGH
Trust: 1.0
NVD:	JVNDB-2020-005536
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202005-695
value:	HIGH
Trust: 0.6
VULHUB:	VHN-181452
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2020-3327
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2020-3327
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	JVNDB-2020-005536
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-181452
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-3327
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0
NVD:	JVNDB-2020-005536
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-181452 // VULMON: CVE-2020-3327 // JVNDB: JVNDB-2020-005536 // CNNVD: CNNVD-202005-695 // NVD: CVE-2020-3327 // NVD: CVE-2020-3327

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-181452 // JVNDB: JVNDB-2020-005536 // NVD: CVE-2020-3327

THREAT TYPE

remote

Trust: 0.9

sources: PACKETSTORM: 157796 // PACKETSTORM: 158626 // PACKETSTORM: 157799 // CNNVD: CNNVD-202005-695

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-202005-695

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-005536

PATCH

title:	ClamAV 0.102.3 security patch released	url:	https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html	Trust: 0.8
title:	Clam AntiVirus Enter the fix for the verification error vulnerability	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=118727	Trust: 0.6

sources: JVNDB: JVNDB-2020-005536 // CNNVD: CNNVD-202005-695

EXTERNAL IDS

db:	NVD	id:	CVE-2020-3327	Trust: 3.0
db:	PACKETSTORM	id:	157799	Trust: 0.8
db:	PACKETSTORM	id:	158626	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-005536	Trust: 0.8
db:	CNNVD	id:	CNNVD-202005-695	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.1831	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1775	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.1758	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4350	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0056	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4540	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.2558	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.4412	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.2704	Trust: 0.6
db:	PACKETSTORM	id:	157681	Trust: 0.6
db:	PACKETSTORM	id:	158454	Trust: 0.6
db:	NSFOCUS	id:	48917	Trust: 0.6
db:	PACKETSTORM	id:	158624	Trust: 0.2
db:	PACKETSTORM	id:	157796	Trust: 0.2
db:	VULHUB	id:	VHN-181452	Trust: 0.1
db:	VULMON	id:	CVE-2020-3327	Trust: 0.1

sources: VULHUB: VHN-181452 // VULMON: CVE-2020-3327 // JVNDB: JVNDB-2020-005536 // PACKETSTORM: 157796 // PACKETSTORM: 158624 // PACKETSTORM: 158626 // PACKETSTORM: 157799 // CNNVD: CNNVD-202005-695 // NVD: CVE-2020-3327

REFERENCES

url:	https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html	Trust: 1.8
url:	https://lists.debian.org/debian-lts-announce/2020/05/msg00018.html	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3327	Trust: 1.8
url:	https://security.gentoo.org/glsa/202007-23	Trust: 1.7
url:	https://lists.debian.org/debian-lts-announce/2020/08/msg00010.html	Trust: 1.7
url:	https://usn.ubuntu.com/4370-1/	Trust: 1.7
url:	https://usn.ubuntu.com/4370-2/	Trust: 1.7
url:	https://usn.ubuntu.com/4435-1/	Trust: 1.7
url:	https://usn.ubuntu.com/4435-2/	Trust: 1.7
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3bmtc7i5lgy4fcizlhpnc4wwc6vnlfer/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ij67vh37ncg25picgwfwzhsvg7pbt7mc/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/l5ywyt27sbtv4rzsgfhiqui4lqvfasws/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/qm7exjhdezjlwm2nkh6tcdxobp5nnyin/	Trust: 1.0
url:	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/robjogjot44mvdx7rqeacyhqn4lyw5rk/	Trust: 1.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3327	Trust: 0.8
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ij67vh37ncg25picgwfwzhsvg7pbt7mc/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3bmtc7i5lgy4fcizlhpnc4wwc6vnlfer/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/l5ywyt27sbtv4rzsgfhiqui4lqvfasws/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/robjogjot44mvdx7rqeacyhqn4lyw5rk/	Trust: 0.7
url:	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/qm7exjhdezjlwm2nkh6tcdxobp5nnyin/	Trust: 0.7
url:	https://packetstormsecurity.com/files/157681/clam-antivirus-toolkit-0.102.3.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4350/	Trust: 0.6
url:	https://packetstormsecurity.com/files/157799/ubuntu-security-notice-usn-4370-2.html	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/48917	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4412/	Trust: 0.6
url:	https://packetstormsecurity.com/files/158454/clam-antivirus-toolkit-0.102.4.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.4540/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/clamav-three-vulnerabilities-32863	Trust: 0.6
url:	https://packetstormsecurity.com/files/158626/ubuntu-security-notice-usn-4435-2.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2558/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2704/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0056/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1758/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1831/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.1775/	Trust: 0.6
url:	https://vigilance.fr/vulnerability/clamav-denial-of-service-via-an-arj-archive-32251	Trust: 0.6
url:	https://usn.ubuntu.com/4370-1	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3341	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3481	Trust: 0.2
url:	https://nvd.nist.gov/vuln/detail/cve-2020-3350	Trust: 0.2
url:	https://usn.ubuntu.com/4435-1	Trust: 0.2
url:	https://cwe.mitre.org/data/definitions/20.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/181942	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.19.10.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.16.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.102.3+dfsg-0ubuntu0.20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.102.4+dfsg-0ubuntu0.18.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.102.4+dfsg-0ubuntu0.20.04.1	Trust: 0.1
url:	https://launchpad.net/ubuntu/+source/clamav/0.102.4+dfsg-0ubuntu0.16.04.1	Trust: 0.1
url:	https://usn.ubuntu.com/4435-2	Trust: 0.1
url:	https://usn.ubuntu.com/4370-2	Trust: 0.1

CREDITS

Ubuntu

Trust: 1.0

sources: PACKETSTORM: 157796 // PACKETSTORM: 158624 // PACKETSTORM: 158626 // PACKETSTORM: 157799 // CNNVD: CNNVD-202005-695

SOURCES

db:	VULHUB	id:	VHN-181452
db:	VULMON	id:	CVE-2020-3327
db:	JVNDB	id:	JVNDB-2020-005536
db:	PACKETSTORM	id:	157796
db:	PACKETSTORM	id:	158624
db:	PACKETSTORM	id:	158626
db:	PACKETSTORM	id:	157799
db:	CNNVD	id:	CNNVD-202005-695
db:	NVD	id:	CVE-2020-3327

LAST UPDATE DATE

2024-08-14T12:28:37.538000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-181452	date:	2021-09-22T00:00:00
db:	VULMON	id:	CVE-2020-3327	date:	2020-08-06T00:00:00
db:	JVNDB	id:	JVNDB-2020-005536	date:	2020-06-17T00:00:00
db:	CNNVD	id:	CNNVD-202005-695	date:	2021-01-07T00:00:00
db:	NVD	id:	CVE-2020-3327	date:	2023-11-07T03:22:36.483

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-181452	date:	2020-05-13T00:00:00
db:	VULMON	id:	CVE-2020-3327	date:	2020-05-13T00:00:00
db:	JVNDB	id:	JVNDB-2020-005536	date:	2020-06-17T00:00:00
db:	PACKETSTORM	id:	157796	date:	2020-05-21T19:33:33
db:	PACKETSTORM	id:	158624	date:	2020-07-27T18:46:40
db:	PACKETSTORM	id:	158626	date:	2020-07-27T18:46:49
db:	PACKETSTORM	id:	157799	date:	2020-05-21T23:56:22
db:	CNNVD	id:	CNNVD-202005-695	date:	2020-05-12T00:00:00
db:	NVD	id:	CVE-2020-3327	date:	2020-05-13T03:15:11.140