Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2005:205 (clamav)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.55827
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDKSA-2005:205 (clamav)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to clamav announced via advisory MDKSA-2005:205. A number of vulnerabilities were discovered in ClamAV versions prior to 0.87.1: The OLE2 unpacker in clamd allows remote attackers to cause a DoS (segfault) via a DOC file with an invalid property tree (CVE-2005-3239) The FSG unpacker allows remote attackers to cause memory corruption and execute arbitrary code via a crafted FSG 1.33 file (CVE-2005-3303) The tnef_attachment() function allows remote attackers to cause a DoS (infinite loop and memory exhaustion) via a crafted value in a CAB file that causes ClamAV to repeatedly scan the same block (CVE-2005-3500) Remote attackers could cause a DoS (infinite loop) via a crafted CAB file (CVE-2005-3501) This update provides ClamAV 0.87.1 which corrects all of these issues. Affected: 10.1, 10.2, 2006.0, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2005:205 Risk factor : High CVSS Score: 7.8
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2005-3239 BugTraq ID: 15101 http://www.securityfocus.com/bid/15101 Debian Security Information: DSA-887 (Google Search) http://www.debian.org/security/2005/dsa-887 http://www.gentoo.org/security/en/glsa/glsa-200511-04.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:205 http://www.osvdb.org/20536 http://securitytracker.com/id?1015154 http://secunia.com/advisories/17184 http://secunia.com/advisories/17448 http://secunia.com/advisories/17451 http://secunia.com/advisories/17501 http://secunia.com/advisories/17559 SuSE Security Announcement: SUSE-SR:2005:026 (Google Search) Common Vulnerability Exposure (CVE) ID: CVE-2005-3303 BugTraq ID: 15318 http://www.securityfocus.com/bid/15318 Bugtraq: 20051104 ZDI-05-002: Clam Antivirus Remote Code Execution (Google Search) http://archives.neohapsis.com/archives/bugtraq/2005-11/0041.html http://www.zerodayinitiative.com/advisories/ZDI-05-002.html http://www.osvdb.org/20482 http://secunia.com/advisories/17434 http://securityreason.com/securityalert/146 http://www.vupen.com/english/advisories/2005/2294 Common Vulnerability Exposure (CVE) ID: CVE-2005-3500 BugTraq ID: 15316 http://www.securityfocus.com/bid/15316 http://www.idefense.com/application/poi/display?id=333&type=vulnerabilities http://www.osvdb.org/20483 http://securityreason.com/securityalert/152 Common Vulnerability Exposure (CVE) ID: CVE-2005-3501 BugTraq ID: 15317 http://www.securityfocus.com/bid/15317 http://www.idefense.com/application/poi/display?id=334&type=vulnerabilities http://www.osvdb.org/20484 http://securityreason.com/securityalert/150
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com