ClamAV < 0.97.7 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 6781

Synopsis

The remote host is running an anti-virus application that is affected by multiple vulnerabilities.

Description

Versions of ClamAV earlier than 0.97.7 are potentially affected by the following vulnerabilities:

- A memory access error exists related to the function 'check_user_password' and debug-printing that could access 32 bytes rather than the proper 16 bytes. (Issue 6804)

- A heap-corruption error exists in the function 'wwunpack' in the file 'libclamav/wwunpack.c' related to unpacking 'WWPack' files. (Issue 6806)

- An unspecified overflow error exists related to 'y0da' emulation that could result in application crashes or other unspecified impact. (Issue 6809)

- A double-free error exists in the function 'unrar_extract_next_prepare' in the file 'libclamunrar_iface/unrar_iface.c' related to handling 'RAR' files.

Solution

Upgrade to ClamAV 0.97.7 or later.

See Also

http://blog.clamav.net/2013/03/clamav-0977-has-been-released.html

http://www.nessus.org/u?56cc8304

Plugin Details

Severity: Medium

ID: 6781

File Name: 6781.prm

Family: Web Clients

Published: 2013/05/02

Modified: 2016/11/16

Dependencies: 9794

Nessus ID: 65668

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 5.6

Temporal Score: 5.2

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:clamav

Patch Publication Date: 2013/02/12

Vulnerability Publication Date: 2013/03/15

Reference Information

BID: 58546