Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2005:038: clamav Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the clamav package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2005:038 (clamav).
This security update upgrades the Clamav virus scan engine to
the version 0.68.1.
Among other bugfixes and improvements, this update fixes a bug in the
Quantum decompressor routines that can be used for a remote denial
of service attack against clamd.
This bug is tracked by the Mitre CVE ID CVE-2005-2056.
Also the Clam AV Mail Filter (clamav-milter) Plugin when used in sendmail
could be used for a remote denial of service attack.
This bug is tracked by the Mitre CVE ID CVE-2005-2070.
Solution : http://www.suse.de/security/advisories/2005_38_clamav.html
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.