Summary
This host has ClamAV installed and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow attackers to provide a message with specially-crafted hash signature in it, leading to denial of service (clamscan executable crash).
Impact Level: Application
Solution
Upgrade to ClamAV 0.97.2 or later,
For updates refer to http://www.clamav.net/lang/en/
Insight
The flaw is due to the way the hash manager of Clam AntiVirus scans messages with certain hashes.
Affected
ClamAV version prior to 0.97.2 (3.0.3.6870) on Windows.
References
Severity
Classification
-
CVE CVE-2011-2721 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities