FreeBSD Local Security Checks : FreeBSD Ports: clamav

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.55418

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: clamav

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory.

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

clamav
clamav-devel

CVE-2005-2919
libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote
attackers to cause a denial of service (infinite loop) via a crafted
FSG packed executable.

CVE-2005-2920
Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before
0.87 allows remote attackers to execute arbitrary code via a crafted
UPX packed executable.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2005-2919
BugTraq ID: 14867
http://www.securityfocus.com/bid/14867
Debian Security Information: DSA-824 (Google Search)
http://www.debian.org/security/2005/dsa-824
http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2005:166
http://www.osvdb.org/19507
http://secunia.com/advisories/16848
http://secunia.com/advisories/16989
SuSE Security Announcement: SUSE-SA:2005:055 (Google Search)
http://www.novell.com/linux/security/advisories/2005_55_clamav.html
http://www.vupen.com/english/advisories/2005/1774
XForce ISS Database: clam-antivirus-fsg-dos(22308)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22308
Common Vulnerability Exposure (CVE) ID: CVE-2005-2920
BugTraq ID: 14866
http://www.securityfocus.com/bid/14866
CERT/CC vulnerability note: VU#363713
http://www.kb.cert.org/vuls/id/363713
http://www.osvdb.org/19506
XForce ISS Database: clam-antivirus-upx-bo(22307)
https://exchange.xforce.ibmcloud.com/vulnerabilities/22307

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.55418
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: clamav
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: clamav clamav-devel CVE-2005-2919 libclamav/fsg.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to cause a denial of service (infinite loop) via a crafted FSG packed executable. CVE-2005-2920 Buffer overflow in libclamav/upx.c in Clam AntiVirus (ClamAV) before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2005-2919 BugTraq ID: 14867 http://www.securityfocus.com/bid/14867 Debian Security Information: DSA-824 (Google Search) http://www.debian.org/security/2005/dsa-824 http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:166 http://www.osvdb.org/19507 http://secunia.com/advisories/16848 http://secunia.com/advisories/16989 SuSE Security Announcement: SUSE-SA:2005:055 (Google Search) http://www.novell.com/linux/security/advisories/2005_55_clamav.html http://www.vupen.com/english/advisories/2005/1774 XForce ISS Database: clam-antivirus-fsg-dos(22308) https://exchange.xforce.ibmcloud.com/vulnerabilities/22308 Common Vulnerability Exposure (CVE) ID: CVE-2005-2920 BugTraq ID: 14866 http://www.securityfocus.com/bid/14866 CERT/CC vulnerability note: VU#363713 http://www.kb.cert.org/vuls/id/363713 http://www.osvdb.org/19506 XForce ISS Database: clam-antivirus-upx-bo(22307) https://exchange.xforce.ibmcloud.com/vulnerabilities/22307
Copyright	Copyright (C) 2008 E-Soft Inc.