ClamAV < 0.96 Multiple Vulnerabilities (deprecated)
High Nessus Network Monitor Plugin ID 5505
SynopsisThe remote host is running an anti-virus application that is vulnerable to multiple attack vectors.
Descriptionaccording to its version, the clamd anti-virus daemon on the remote host is earlier than 0.96. Such versions are reportedly affected by multiple vulnerabilities :
- An attacker could bypass anti-virus detection by embedding malicious code in a specially crafted 'CAB' file. (1826)
- An error in the 'qtm_decompress()' function in 'libclamav/mspack.c' could lead to memory corruption when scanning a specially crafted Quantum-compressed file. (1771)
SolutionUpgrade to ClamAV 0.96 or later.