This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200709-14
(ClamAV: Multiple vulnerabilities)
Nikolaos Rangos discovered a vulnerability in ClamAV which exists
because the recipient address extracted from email messages is not
properly sanitized before being used in a call to 'popen()' when
executing sendmail (CVE-2007-4560). Also, NULL-pointer dereference
errors exist within the 'cli_scanrtf()' function in libclamav/rtf.c and
Stefanos Stamatis discovered a NULL-pointer dereference vulnerability
within the 'cli_html_normalise()' function in libclamav/htmlnorm.c
The unsanitized recipient address can be exploited to execute arbitrary
code with the privileges of the clamav-milter process by sending an
email with a specially crafted recipient address to the affected
system. Also, the NULL-pointer dereference errors can be exploited to
crash ClamAV. Successful exploitation of the latter vulnerability
requires that clamav-milter is started with the 'black hole' mode
activated, which is not enabled by default.
There is no known workaround at this time.
See also :
All ClamAV users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=app-antivirus/clamav-0.91.2'
Risk factor :
High / CVSS Base Score : 7.6
Public Exploit Available : true