FreeBSD Ports: Clamav Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory.

Solution

Update your system with the appropriate patches or software upgrades. http://www.clamav.net/security/0.88.2.html http://secunia.com/advisories/19880/ http://www.vuxml.org/freebsd/b088bf48-da3b-11da-93e0-00123ffe8333.html

Insight

The following packages are affected: clamav clamav-devel CVE-2006-1989 Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers sites to execute arbitrary code via long HTTP headers.

Severity

Classification

CVE CVE-2006-1989

CVSS	Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: bind96
FreeBSD Ports: bogofilter, bogofilter-qdbm, bogofilter-tdb, ru-bogofilter
FreeBSD Ports: bzip2
FreeBSD Ports: apache
FreeBSD Ports: coppermine

FreeBSD Ports: clamav

Take action and discover your vulnerabilities