SUSE-SA:2005:055: clamav

Medium Nessus Plugin ID 19934


The remote host is missing a vendor-supplied security patch


The remote host is missing the patch for the advisory SUSE-SA:2005:055 (clamav).

This update upgrades clamav to version 0.87.

It fixes vulnerabilities in handling of UPX and FSG compressed executables, which could lead to a remote attacker executing code within the daemon using clamav.

These are tracked by the Mitre CVE IDs CVE-2005-2919 and CVE-2005-2920.

Also following bugs were fixed:
- Support for PE files, Zip and Cabinet archives has been improved and other small bugfixes have been made.
- The new option '--on-outdated-execute' allows freshclam to run a command when system reports a new engine version.


Plugin Details

Severity: Medium

ID: 19934

File Name: suse_SA_2005_055.nasl

Version: $Revision: 1.5 $

Agent: unix

Published: 2005/10/05

Dependencies: 12634

Risk Information

Risk Factor: Medium

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list