Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:184: clamav Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the clamav package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:184 (clamav).
An integer overflow in previous versions of ClamAV could allow a remote
attacker to cause a Denial of Service (scanning service crash) and
execute arbitrary code via a Portable Executable (PE) file
Another vulnerability could allow a remote attacker to cause a DoS via
a crafted compressed HTML (CHM) file that causes ClamAV to read an
invalid memory location (CVE-2006-5295).
These issues are corrected in ClamAV 0.88.5 which is provided with this
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:184
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.