Security software contains 'serious bugs'


Security software contains 'serious bugs'

Tash Shifrin

Researchers have warned of serious bugs in security software, with flaws detected in ClamAV, Ethereal and Sophos Anti-Virus within days of each other.

ClamAV Antivirus Library is vulnerable to buffer overflows that could allow attackers complete control of the system, according to a warning issued by

Researchers Alex Wheeler and Neel Mehta are credited with discovering the bugs, which can be exploited remotely without user authentication through common protocols such as SMTP, SMB, HTTP and FTP.

Hackers could gain unauthorised control of data by exploiting the vulnerability in ClamAV protected systems, which could lead to further network compromise. ClamAV 0.86.1 and earlier versions are affected.

Ethereal has also posted a high severity warning, listing 27 separate vulnerabilities identified in Ethereal versions 0.8.5 to 0.10.10.

“It may be possible to make Ethereal crash, use up available memory, or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file,” the company warns.

It advises users to upgrade to version 0.10.12. “Due to the severity and scope of the defects that have been discovered, no workaround is available,” the company said.

A buffer overflow vulnerability identified in some versions of Sophos Anti-Virus is “theoretically a risk,” said Sophos, although the company had not seen any examples of malware attempting to exploit the vulnerability.

Sophos senior technology consultant, Graham Cluley, said the company had worked with researcher Alex Wheeler to tackle the vulnerability and most customers had already been updated.

He said: “The vast majority of our customers are protected. It’s not in the wild. Most enterprise customers are updated and any who aren’t will be updated in the next couple of days.”


Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy