Debian DSA-1366-1 : clamav - several vulnerabilities

high Nessus Plugin ID 25966

Synopsis

The remote Debian host is missing a security-related update.

Description

Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2007-4510 It was discovered that the RTF and RFC2397 parsers can be tricked into dereferencing a NULL pointer, resulting in denial of service.

- CVE-2007-4560 It was discovered that clamav-milter performs insufficient input sanitising, resulting in the execution of arbitrary shell commands.

The oldstable distribution (sarge) is only affected by a subset of the problems. An update will be provided later.

Solution

Upgrade the clamav packages.

For the stable distribution (etch) these problems have been fixed in version 0.90.1-3etch7.

See Also

https://security-tracker.debian.org/tracker/CVE-2007-4510

https://security-tracker.debian.org/tracker/CVE-2007-4560

https://www.debian.org/security/2007/dsa-1366

Plugin Details

Severity: High

ID: 25966

File Name: debian_DSA-1366.nasl

Version: 1.21

Type: local

Agent: unix

Published: 9/3/2007

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 7.6

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:clamav, cpe:/o:debian:debian_linux:4.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/1/2007

Exploitable With

CANVAS (D2ExploitPack)

Metasploit (ClamAV Milter Blackhole-Mode Remote Code Execution)

Reference Information

CVE: CVE-2007-4510, CVE-2007-4560

DSA: 1366

CWE: 78