Debian Security Advisory DSA 1232-1 (clamav) Network Vulnerability

Summary

The remote host is missing an update to clamav announced via advisory DSA 1232-1. Stephen Gran discovered that malformed base64-encoded MIME attachments can lead to denial of service through a null pointer dereference.

Solution

For the stable distribution (sarge) this problem has been fixed in version 0.84-2.sarge.12. For the upcoming stable distribution (etch) this problem has been fixed in version 0.86-1. For the unstable distribution (sid) this problem has been fixed in version 0.86-1. We recommend that you upgrade your clamav package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201232-1

Severity

Classification

CVE CVE-2006-5874

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 083-1 (procmail)
Debian Security Advisory DSA 1110-1 (samba)
Debian Security Advisory DSA 1010-1 (ilohamail)
Debian Security Advisory DSA 1050-1 (clamav)
Debian Security Advisory DSA 1148-1 (gallery)

Take action and discover your vulnerabilities