Summary
This host has ClamAV installed and is prone to multiple vulnerabilities.
Impact
Remote attackers may exploit this issue to inject malicious files into the system which can bypass the scan engine and may cause denial of service.
Impact Level: System/Application
Solution
Upgrade to ClamAV 0.95
http://www.clamav.net
Insight
Multiple flaws are due to
- Error in handling specially crafted RAR files which prevents the scanning of potentially malicious files.
- Inadequate sanitation of files through a crafted TAR file causes clamd and clamscan to hang.
- 'libclamav/pe.c' allows remote attackers to cause a denial of service via a crafted EXE which triggers a divide-by-zero error.
Affected
ClamAV before 0.95 on Linux
References
Severity
Classification
-
CVE CVE-2008-6680, CVE-2009-1241, CVE-2009-1270 -
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C
Related Vulnerabilities
- EMC Data Protection Advisor NULL Pointer Dereference Denial of Service Vulnerability
- Apache 'mod_deflate' Denial Of Service Vulnerability - July09
- Apple QuickTime Multiple Denial Of Service Vulnerabilities (Win)
- EMC NetWorker 'nsrexecd' RPC Packet Denial of Service Vulnerability
- Adobe Reader '.ETD File' Denial of Service Vulnerability (Linux)