Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

ClamAV < 0.88.7 MIME-encoded Scan Bypass (deprecated)

Medium

Synopsis

The antivirus product can be tricked into not scanning potentially malicious files.

Description

The remote host is running the ClamAV antivirus client version. This version of ClamAV is vulnerable to a flaw where file scanning can be bypassed by passing malformed MIME-encoded requests. An attacker exploiting this flaw would be able to send malicious files through the antivirus product without detection.

Solution

Upgrade to version 0.88.7 or higher.