ClamAV < 0.95 Scan Evasion (deprecated)

High Nessus Network Monitor Plugin ID 4982


The remote host is missing a critical security patch or upgrade.


According to its version, the clamd antivirus daemon on the remote host is earlier than 0.95. Such versions fail to handle certain malformed 'RAR' archive files, and hence it may be possible for certain archive files to evade detection from the scan engine.


Upgrade to version 0.95 or higher.

See Also (bb#1467)

Plugin Details

Severity: High

ID: 4982

Family: Web Clients

Published: 2009/04/03

Updated: 2019/03/06

Dependencies: 1735, 8314

Nessus ID: 36075

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSS v3.0

Base Score: 7.5

Temporal Score: 7.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Reference Information

CVE: CVE-2008-6680, CVE-2009-1270, CVE-2009-1241

BID: 34344, 34357