This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.
The remote antivirus service is affected by multiple issues.
According to its version, the clamd antivirus daemon on the remote
host is earlier than 0.94. Such versions are affected by one or more
of the following issues :
- A segmentation fault can occur when processing corrupted
LZH files. (Bug #1052)
- Invalid memory access errors in 'libclamav/chmunpack.c'
when processing malformed CHM files may lead to a
crash. (Bug #1089)
- An out-of-memory null dereference issue exists in
'libclamav/message.c' / 'libclamav/mbox.c'. (Bug #1141)
- Possible error path memory leaks exist in
'freshclam/manager.c'. (Bug #1141)
- There is an invalid close on error path in
'shared/tar.c'. (Bug #1141)
- There are multiple file descriptor leaks involving the
'error path' in 'libclamav/others.c' and
'libclamav/sis.c'. (Bug #1141)
See also :
Upgrade to ClamAV 0.94 or later.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.5
Public Exploit Available : false
Family: Gain a shell remotely
Nessus Plugin ID: 35087 (clamav_0_94.nasl)
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now