This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.
The remote antivirus service is affected by multiple issues.
According to its version, the clamd antivirus daemon on the remote
host is earlier than 0.94. Such versions are affected by one or more
of the following issues :
- A segmentation fault can occur when processing corrupted
LZH files. (Bug #1052)
- Invalid memory access errors in 'libclamav/chmunpack.c'
when processing malformed CHM files may lead to a
crash. (Bug #1089)
- An out-of-memory null dereference issue exists in
'libclamav/message.c' / 'libclamav/mbox.c'. (Bug #1141)
- Possible error path memory leaks exist in
'freshclam/manager.c'. (Bug #1141)
- There is an invalid close on error path in
'shared/tar.c'. (Bug #1141)
- There are multiple file descriptor leaks involving the
'error path' in 'libclamav/others.c' and
'libclamav/sis.c'. (Bug #1141)
See also :
Upgrade to ClamAV 0.94 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false
Family: Gain a shell remotely
Nessus Plugin ID: 35087 (clamav_0_94.nasl)
Bugtraq ID: 309943105132752
CVE ID: CVE-2008-1389CVE-2008-3912CVE-2008-3913CVE-2008-3914CVE-2008-6845
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.