|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200404-07] ClamAV RAR Archive Remote Denial Of Service Vulnerability Vulnerability Scan
Vulnerability Scan Summary ClamAV RAR Archive Remote Denial Of Service Vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200404-07
(ClamAV RAR Archive Remote Denial Of Service Vulnerability)
Certain types of RAR archives, including those created by variants of the
W32.Beagle.A@mm worm, may cause clamav to crash when it attempts to process
them.
Impact
This vulnerability causes a Denial of Service in the clamav process. Depending on
configuration, this may cause dependent services such as mail to fail as well.
Workaround
A workaround is not currently known for this issue. All users are advised
to upgrade to the latest version of the affected package.
Solution:
ClamAV users should upgrade to version 0.68.1 or later:
# emerge sync
# emerge -pv ">=net-mail/clamav-0.68.1"
# emerge ">=net-mail/clamav-0.68.1"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|