ClamAV Multiple Vulnerabilities (Win) Network Vulnerability

Summary

This host has ClamAV installed, and is prone to multiple vulnerabilities.

Impact

Remote attackers may exploit this issue to inject malicious files into the system which can bypass the scan engine and may cause denial of service. Impact Level: System/Application

Solution

Upgrade to ClamAV 0.95 or later http://www.clamav.net

Insight

Multiple flaws are due to - Error in handling specially crafted RAR files which prevents the scanning of potentially malicious files. - Inadequate sanitation of files through a crafted TAR file causes clamd and clamscan to hang. - 'libclamav/pe.c' allows remote attackers to cause a denial of service via a crafted EXE which triggers a divide-by-zero error.

Affected

ClamAV before 0.95 on Windows.

References

http://blog.zoller.lu/2009/04/clamav-094-and-below-evasion-and-bypass.html
http://www.openwall.com/lists/oss-security/2009/04/07/6
http://www.vupen.com/english/advisories/2009/0934

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-6680, CVE-2009-1241, CVE-2009-1270

CVSS	Base Score: 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Adobe Digital Edition Denial of Service Vulnerability (Mac OS X)
Adobe Flash Media Server Multiple Denial of Service Vulnerabilities
Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Windows)
Apple iTunes Malformed .mov File Buffer Overflow Vulnerability
Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Linux)

Take action and discover your vulnerabilities