ClamAV Multiple Vulnerabilities (Linux) Network Vulnerability

Summary

This host has ClamAV installed and is prone to multiple vulnerabilities.

Impact

Remote attackers may exploit this issue to inject malicious files into the system which can bypass the scan engine and may cause denial of service. Impact Level: System/Application

Solution

Upgrade to ClamAV 0.95 http://www.clamav.net

Insight

Multiple flaws are due to - Error in handling specially crafted RAR files which prevents the scanning of potentially malicious files. - Inadequate sanitation of files through a crafted TAR file causes clamd and clamscan to hang. - 'libclamav/pe.c' allows remote attackers to cause a denial of service via a crafted EXE which triggers a divide-by-zero error.

Affected

ClamAV before 0.95 on Linux

References

http://blog.zoller.lu/2009/04/clamav-094-and-below-evasion-and-bypass.html
http://www.openwall.com/lists/oss-security/2009/04/07/6
http://www.vupen.com/english/advisories/2009/0934

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-6680, CVE-2009-1241, CVE-2009-1270

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Google Chrome Multiple Denial of Service Vulnerabilities - March12 (Mac OS X)
Colasoft Capsa Malformed SNMP V1 Packet Remote Denial of Service Vulnerability
ClamAV Multiple Vulnerabilities (Linux)
EMC Data Protection Advisor NULL Pointer Dereference Denial of Service Vulnerability
Aast! Antivirus 'aavmker4.sys' Denial Of Service Vulnerability (Win)

Take action and discover your vulnerabilities