|
|
Family: Debian Local Security Checks --> Category: infos
[DSA1196] DSA-1196-1 clamav Vulnerability Scan
Vulnerability Scan Summary
DSA-1196-1 clamav
Detailed Explanation for this Vulnerability Test
Several remote vulnerabilities have been discovered in the ClamAV malware
scan engine, which may lead to the execution of arbitrary code. The
Common Vulnerabilities and Exposures project identifies the following
problems:
Damian Put discovered a heap overflow error in the script to rebuild
PE files, which could lead to the execution of arbitrary code.
Damian Put discovered that missing input sanitising in the CHM
handling code might lead to denial of service.
For the stable distribution (sarge) these problems have been fixed in
version 0.84-2.sarge.11. Due to technical problems with the build host
this update lacks a build for the Sparc architecture. It will be
provided soon.
For the unstable distribution (sid) these problems have been fixed in
version 0.88.5-1.
We recommend that you upgrade your clamav packages.
Solution : http://www.debian.org/security/2006/dsa-1196
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
