Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:138: clamav Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the clamav package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:138 (clamav).
Damian Put discovered a boundary error in the UPX extraction module in
ClamAV which is used to unpack PE Windows executables. This could be
abused to cause a Denial of Service issue and potentially allow for
the execution of arbitrary code with the permissions of the user
running clamscan or clamd.
Updated packages have been patched to correct this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:138
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.