This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.
The remote FreeBSD host is missing one or more security-related
The Zero Day Initiative reports :
This vulnerability allows remote attackers to execute arbitrary code
on vulnerable Clam AntiVirus installations. Authentication is not
required to exploit this vulnerability.
This specific flaw exists within libclamav/upx.c during the unpacking
of executable files compressed with UPX. Due to an invalid size
calculation during a data copy from the user-controlled file to heap
allocated memory, an exploitable memory corruption condition is
See also :
Update the affected packages.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 5.5
Public Exploit Available : false