Medium Nessus Plugin ID 19247
SynopsisThe remote host is missing a vendor-supplied security patch
DescriptionThe remote host is missing the patch for the advisory SUSE-SA:2005:038 (clamav).
This security update upgrades the Clamav virus scan engine to the version 0.68.1.
Among other bugfixes and improvements, this update fixes a bug in the Quantum decompressor routines that can be used for a remote denial of service attack against clamd.
This bug is tracked by the Mitre CVE ID CVE-2005-2056.
Also the Clam AV Mail Filter (clamav-milter) Plugin when used in sendmail could be used for a remote denial of service attack.
This bug is tracked by the Mitre CVE ID CVE-2005-2070.