FreeBSD : clamav -- CHM unpacker and PE rebuilding vulnerabilities (8012a79d-5d21-11db-bb8d-00123ffe8333)

This script is Copyright (C) 2006-2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Secunia reports :

Two vulnerabilities have been reported in Clam AntiVirus, which
potentially can be exploited by malicious people to cause a DoS
(Denial of Service) or compromise a vulnerable system.

1) An unspecified error in the CHM unpacker in chmunpack.c can be
exploited to cause a DoS.

2) An unspecified error in rebuildpe.c when rebuilding PE files after
unpacking can be exploited to cause a heap-based buffer overflow.

See also :

http://lurker.clamav.net/message/20061016.015114.dc6a8930.en.html
http://sourceforge.net/project/shownotes.php?release_id=455799
http://www.nessus.org/u?04c57510

Solution :

Update the affected packages.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 22886 (freebsd_pkg_8012a79d5d2111dbbb8d00123ffe8333.nasl)

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now