Detections
Analytics

ClamAV < 0.97.7 Multiple Vulnerabilities

medium Nessus Network Monitor Plugin ID 6781

Synopsis

The remote host is running an anti-virus application that is affected by multiple vulnerabilities

Description

Versions of ClamAV earlier than 0.97.7 are potentially affected by the following vulnerabilities :

- A memory access error exists related to the function 'check_user_password' and debug-printing that could access 32 bytes rather than the proper 16 bytes. (Issue 6804)

 - A heap-corruption error exists in the function 'wwunpack' in the file 'libclamav/wwunpack.c' related to unpacking 'WWPack' files. (Issue 6806)

 - An unspecified overflow error exists related to 'y0da' emulation that could result in application crashes or other unspecified impact. (Issue 6809)

 - A double-free error exists in the function 'unrar_extract_next_prepare' in the file 'libclamunrar_iface/unrar_iface.c' related to handling 'RAR' files

Solution

Upgrade to ClamAV 0.97.7 or later.

See Also

http://blog.clamav.net/2013/03/clamav-0977-has-been-released.html

http://www.nessus.org/u?56cc8304

Plugin Details

Severity: Medium

ID: 6781

Family: Web Clients

Published: 5/2/2013

Updated: 3/6/2019

Nessus ID: 65668

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.6

Temporal Score: 5.2

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:clamav

Patch Publication Date: 2/12/2013

Vulnerability Publication Date: 3/15/2013

Reference Information

CVE: CVE-2013-7087, CVE-2013-7088, CVE-2013-7089

BID: 58546