Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2006:230: clamav Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the clamav package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2006:230 (clamav).
The latest version of ClamAV, 0.88.7, fixes some bugs, including
vulnerabilities with handling base64-encoded MIME attachment files that
can lead to either a) a crash (CVE-2006-5874), or b) a bypass of virus
As well, a vulnerability was discovered that allows remote attackers to
cause a stack overflow and application crash by wrapping many layers of
multipart/mixed content around a document (CVE-2006-6481).
The latest ClamAV is being provided to address these issues.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:230
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.