This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.
The remote antivirus service is vulnerable to a file scan evasion
According to its version, the clamd antivirus daemon on the remote
host is earlier than 0.96. Such versions are reportedly affected by
multiple vulnerabilities :
- An attacker could bypass antivirus detection by
embedding malicious code in a specially crafted 'CAB'
- An error in the 'qtm_decompress()' function in
'libclamav/mspack.c' could lead to memory corruption
when scanning a specially crafted Quantum-compressed
See also :
Upgrade to ClamAV 0.96 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false
Nessus Plugin ID: 45437 (clamav_0_96.nasl)
Bugtraq ID: 39262
CVE ID: CVE-2010-0098CVE-2010-1311
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.