ClamAV < 0.90.2 Multiple Vulnerabilities (deprecated)
Medium Nessus Network Monitor Plugin ID 3966
SynopsisThe remote host is vulnerable to a buffer overflow.
DescriptionThe remote host is running the ClamAV antivirus client.
This version of ClamAV is vulnerable to multiple attack vectors. The more serious of the flaws is a buffer overflow. An attacker exploiting this flaw would need to be able to manipulate ClamAV to scan a malicious file (via email, web, etc.). Successful exploitation would result in the attacker executing arbitrary code on the remote ClamAV scanner.
SolutionUpgrade to version 0.90.2 or higher.