ID de Prueba:	1.3.6.1.4.1.25623.1.0.113625
Categoría:	Denial of Service
Título:	ClamAV <= 0.101.4, 0.102.0 DoS Vulnerability - Linux
Resumen:	ClamAV is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: ClamAV is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. Vulnerability Impact: Successful exploitation would allow an attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service. Affected Software/OS: ClamAV through version 0.101.4 and version 0.102.0. Solution: Update to version 0.101.5 or 0.102.1 respectively. CVSS Score: 7.1 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-15961 Cisco Security Advisory: https://bugzilla.clamav.net/show_bug.cgi?id=12380 https://bugzilla.clamav.net/show_bug.cgi?id=12380 Cisco Security Advisory: https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010 https://quickview.cloudapps.cisco.com/quickview/bug/CSCvr56010 https://security.gentoo.org/glsa/202003-46 https://lists.debian.org/debian-lts-announce/2020/02/msg00016.html https://usn.ubuntu.com/4230-2/
Copyright	Copyright (C) 2020 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.