Mandriva Linux Security Advisory : clamav (MDVSA-2011:122)
Medium Nessus Plugin ID 55848
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been discovered and corrected in clamav :
Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations (CVE-2011-2721).
Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
The updated packages have been upgraded to the 0.97.2 version which is not vulnerable to this issue.
SolutionUpdate the affected packages.