The remote host is missing an update to clamav announced via advisory DSA 1263-1. Several remote vulnerabilities have been discovered in in the Clam anti-virus toolkit, which may lead to denial of service. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-0897 It was discovered that malformed CAB archives may exhaust file descriptors, which allows denial of service. CVE-2007-0898 It was discovered that a directory traversal vulnerability in the MIME header parser may lead to denial of service.

For the stable distribution (sarge) these problems have been fixed in version 0.84-2.sarge.15. For the upcoming stable distribution (etch) these problems have been fixed in version 0.88.7-2. For the unstable distribution (sid) these problems have been fixed in version 0.90-1. We recommend that you upgrade your clamav packages. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201263-1