Family: SuSE Local Security Checks --> Category: infos
SUSE-SA:2005:055: clamav Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the clamav package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory SUSE-SA:2005:055 (clamav).
This update upgrades clamav to version 0.87.
It fixes vulnerabilities in handling of UPX and FSG compressed executables,
which could lead to a remote attacker executing code within the daemon
These are tracked by the Mitre CVE IDs CVE-2005-2919 and CVE-2005-2920.
Also following bugs were fixed:
- Support for PE files, Zip and Cabinet archives has been improved and
other small bugfixes have been made.
- The new option '--on-outdated-execute' allows freshclam to run a command
when system reports a new engine version.
Solution : http://www.suse.de/security/advisories/2005_55_clamav.html
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.