Test Kennung:	1.3.6.1.4.1.25623.1.0.60833
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Ports: clamav
Zusammenfassung:	The remote host is missing an update to the system; as announced in the referenced advisory.
Beschreibung:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: clamav clamav-devel CVE-2008-1100 Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file. CVE-2008-1387 ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the PROTOS GENOME test suite for Archive Formats. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1100 http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html BugTraq ID: 28756 http://www.securityfocus.com/bid/28756 BugTraq ID: 28784 http://www.securityfocus.com/bid/28784 Cert/CC Advisory: TA08-260A http://www.us-cert.gov/cas/techalerts/TA08-260A.html CERT/CC vulnerability note: VU#858595 http://www.kb.cert.org/vuls/id/858595 Debian Security Information: DSA-1549 (Google Search) http://www.debian.org/security/2008/dsa-1549 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html http://security.gentoo.org/glsa/glsa-200805-19.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:088 http://secunia.com/secunia_research/2008-11/advisory/ http://www.securitytracker.com/id?1019837 http://secunia.com/advisories/29000 http://secunia.com/advisories/29863 http://secunia.com/advisories/29886 http://secunia.com/advisories/29891 http://secunia.com/advisories/29975 http://secunia.com/advisories/30253 http://secunia.com/advisories/30328 http://secunia.com/advisories/31882 SuSE Security Announcement: SUSE-SA:2008:024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html SuSE Security Announcement: openSUSE-SU-2015:0906 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html http://www.vupen.com/english/advisories/2008/1218/references http://www.vupen.com/english/advisories/2008/2584 XForce ISS Database: clamav-cliscanpe-bo(41789) https://exchange.xforce.ibmcloud.com/vulnerabilities/41789 Common Vulnerability Exposure (CVE) ID: CVE-2008-1387 BugTraq ID: 28782 http://www.securityfocus.com/bid/28782 Bugtraq: 20080415 clamav: Endless loop / hang with crafter arj, CVE-2008-1387 (Google Search) http://www.securityfocus.com/archive/1/490863/100/0/threaded http://int21.de/cve/CVE-2008-1387-clamav.html http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/ http://secunia.com/advisories/31576 http://www.vupen.com/english/advisories/2008/1227/references XForce ISS Database: clamav-arj-unspecified-dos(41822) https://exchange.xforce.ibmcloud.com/vulnerabilities/41822
Copyright	Copyright (C) 2008 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.