SUSE-SA:2005:055: clamav

medium Nessus Plugin ID 19934

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SUSE-SA:2005:055 (clamav).

This update upgrades clamav to version 0.87.

It fixes vulnerabilities in handling of UPX and FSG compressed executables, which could lead to a remote attacker executing code within the daemon using clamav.

These are tracked by the Mitre CVE IDs CVE-2005-2919 and CVE-2005-2920.

Also following bugs were fixed:
- Support for PE files, Zip and Cabinet archives has been improved and other small bugfixes have been made.
- The new option '--on-outdated-execute' allows freshclam to run a command when system reports a new engine version.

Solution

http://www.suse.de/security/advisories/2005_55_clamav.html

Plugin Details

Severity: Medium

ID: 19934

File Name: suse_SA_2005_055.nasl

Version: 1.10

Agent: unix

Family: SuSE Local Security Checks

Published: 10/5/2005

Updated: 1/14/2021

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Detections

Analytics