Mandrake Linux Security Advisory : clamav (MDKSA-2006:080)
Medium Nessus Plugin ID 21320
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionUlf Harnhammar discovered that the freshclam tool does not do a proper check for the size of header data received from a web server. This could potentially allow a specially prepared HTTP server to exploit freshclam clients connecting to a database mirror and causing a DoS.
The updated packages have been updated to Clamav 0.88.2 which corrects this problem.
SolutionUpdate the affected packages.