Mandriva Linux Security Advisory : clamav (MDVSA-2008:189-1)

Critical Nessus Plugin ID 38032


The remote Mandriva Linux host is missing one or more security updates.


Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.94 release, including:

A vulnerability in ClamAV's chm-parser allowed remote attackers to cause a denial of service (application crash) via a malformed CHM file (CVE-2008-1389).

A vulnerability in libclamav would allow attackers to cause a denial of service via vectors related to an out-of-memory condition (CVE-2008-3912).

Multiple memory leaks were found in ClamAV that could possibly allow attackers to cause a denial of service via excessive memory consumption (CVE-2008-3913).

A number of unspecified vulnerabilities in ClamAV were reported that have an unknown impact and attack vectors related to file descriptor leaks (CVE-2008-3914).

Other bugs have also been corrected in 0.94, which is being provided with this update. Because this new version has increased the major version of the libclamav library, updated dependent packages are also being provided.

Update:

The previous update had experimental support enabled, which caused ClamAV to report its version as 0.94-exp rather than 0.94 and to produce bogus warnings about the installation being outdated. This update corrects that problem.


Update the affected packages.

Plugin Details

Severity: Critical

ID: 38032

File Name: mandriva_MDVSA-2008-189.nasl

Version: $Revision: 1.13 $

Type: local

Published: 2009/04/23

Modified: 2016/11/28

Dependencies: 12634

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:clamav, p-cpe:/a:mandriva:linux:clamav-db, p-cpe:/a:mandriva:linux:clamav-milter, p-cpe:/a:mandriva:linux:clamd, p-cpe:/a:mandriva:linux:lib64clamav-devel, p-cpe:/a:mandriva:linux:lib64clamav5, p-cpe:/a:mandriva:linux:libclamav-devel, p-cpe:/a:mandriva:linux:libclamav5, cpe:/o:mandriva:linux:2007.1, cpe:/o:mandriva:linux:2008.0, cpe:/o:mandriva:linux:2008.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2008/09/17

Reference Information

CVE: CVE-2008-1389, CVE-2008-3912, CVE-2008-3913, CVE-2008-3914

BID: 30994, 31051

MDVSA: 2008:189-1

CWE: 200, 399