Test Kennung:	1.3.6.1.4.1.25623.1.0.113625
Kategorie:	Denial of Service
Titel:	ClamAV <= 0.101.4, 0.102.0 DoS Vulnerability - Linux
Zusammenfassung:	ClamAV is prone to a denial of service (DoS) vulnerability.
Beschreibung:	Summary: ClamAV is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. Vulnerability Impact: Successful exploitation would allow an attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service. Affected Software/OS: ClamAV through version 0.101.4 and version 0.102.0. Solution: Update to version 0.101.5 or 0.102.1 respectively. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-15961 Cisco Security Advisory: https://bugzilla.clamav.net/show_bug.cgi?id=12380 https://bugzilla.clamav.net/show_bug.cgi?id=12380 Cisco Security Advisory: https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010 https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010 https://security.gentoo.org/glsa/202003-46 https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html https://usn.ubuntu.com/4230-2/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.