ClamAV < 0.88.0 UPX File Processing Overflow (deprecated)
High Nessus Network Monitor Plugin ID 3362
SynopsisThe remote host is vulnerable to a heap overflow.
DescriptionThe remote host is running ClamAV, an open-source antivirus solution for Unix and Windows systems. This version of ClamAV is reported to be vulnerable to a flaw where the parsing of a malicious file will cause the clamav process to execute arbitrary code. While the details of the attack are currently unknown, it is rumoured that an attacker exploiting this flaw would only need to be able to craft and send a malformed email to a ClamAV server. Successful exploitation results in the server executing arbitrary code or crashing.
SolutionUpgrade to version 0.88.0 or higher.