libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Clamav | Clamav | * | 0.95 (excluding) |
Clamav | Ubuntu | dapper | * |
Clamav | Ubuntu | devel | * |
Clamav | Ubuntu | gutsy | * |
Clamav | Ubuntu | hardy | * |
Clamav | Ubuntu | intrepid | * |
Clamav | Ubuntu | jaunty | * |
Clamav | Ubuntu | upstream | * |