icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

ClamAV < 0.86.1 Content-parsing DoS

Low

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote host is running ClamAV, an open-source antivirus solution for Unix-like systems. This version of ClamAV is reported to be vulnerable to a flaw where the parsing of a malicious file will cause the ClamAV process to crash. An attacker exploiting this flaw would need to be able to send a specially formed email to the system running ClamAV. Successful exploitation would result in loss of service.

Solution

Upgrade to version 0.86.1 or higher.