This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.
The remote antivirus service is vulnerable to a denial of service
According to its version, the clamd antivirus daemon on the remote
host is earlier than 0.94.2. There is a recursive stack overflow
involving the JPEG parsing code in such versions. A remote attacker
may be able to leverage this issue to cause the application to
recursively scan a specially crafted JPEG, which will eventually cause
it to crash.
See also :
Upgrade to ClamAV 0.94.2 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 35009 (clamav_0_94_2.nasl)
Bugtraq ID: 32555
CVE ID: CVE-2008-5314
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.