Detections
Analytics
ClamAV < 0.97 Multiple Vulnerabilities
high Nessus Plugin ID 51935
Language:
Synopsis
The remote antivirus service is affected by multiple vulnerabilities.Description
According to its version, the clamd antivirus daemon on the remote host is earlier than 0.97. Such versions reportedly are affected by multiple vulnerabilities :- As-yet unspecified double-free issues involving an error path exist in 'libclamav/vba_extract.c' and 'shared/cdiff.c'. (Bug 2486 and report from <mt*debian.org>)
- 'libclamav/pdf.c' may miss detection. (Bug 2455)
- Multiple as-yet unspecified error path leaks exit in 'clamav-milter/whitelist.c', 'clamscan/manager.c', and 'libclamav/sis.c'. (Report from <mt*debian.org>)
Solution
Upgrade to ClamAV 0.97 or later.See Also
https://blog.clamav.net/2011/02/clamav-097-has-been-released.html
https://github.com/vrtadmin/clamav-devel/blob/master/ChangeLog
Plugin Details
Severity: High
ID: 51935
File Name: clamav_0_97.nasl
Version: 1.14
Type: remote
Family: Misc.
Published: 2/10/2011
Updated: 11/15/2018
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:clamav:clamav
Required KB Items: Antivirus/ClamAV/version, Settings/ParanoidReport
Exploit Ease: No known exploits are available
Patch Publication Date: 2/7/2011
Vulnerability Publication Date: 2/7/2011
Reference Information
CVE: CVE-2011-1003
BID: 46470