This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.
The remote antivirus service is vulnerable to a file scan evasion
According to its version, the clamd antivirus daemon on the remote
host is earlier than 0.95.2. Such versions are reportedly affected by
multiple scan evasion vulnerabilities :
- An attacker could bypass antivirus detection by
embedding malicious code in a specially crafted 'CAB',
'RAR', or 'ZIP' archive.
- Due to an issue in 'libclamav/mbox.c', an attacker can
bypass antivirus detection by sending a UTF-16 encoded
- Due to an issue in 'libclamav/readdb.c', certain
signatures that should be rejected are able to bypass
See also :
Upgrade to ClamAV 0.95.2 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false
Nessus Plugin ID: 39437 (clamav_0_95_2.nasl)
Bugtraq ID: 353983541035426
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.