Mandrake Local Security Checks : Mandrake Security Advisory MDKSA-2006:016 (clamav)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.56137

Categoría: Mandrake Local Security Checks

Título: Mandrake Security Advisory MDKSA-2006:016 (clamav)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing an update to clamav
announced via advisory MDKSA-2006:016.

A heap-based buffer overflow was discovered in ClamAV versions prior to
0.88 which allows remote attackers to cause a crash and possibly
execute arbitrary code via specially crafted UPX files.

This update provides ClamAV 0.88 which corrects this issue and also
fixes some other bugs.

Affected: 10.1, 10.2, 2006.0, Corporate 3.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:016

Risk factor : High

CVSS Score:
7.5

Referencia Cruzada: BugTraq ID: 16191
Common Vulnerability Exposure (CVE) ID: CVE-2006-0162
http://www.securityfocus.com/bid/16191
CERT/CC vulnerability note: VU#385908
http://www.kb.cert.org/vuls/id/385908
Debian Security Information: DSA-947 (Google Search)
http://www.debian.org/security/2006/dsa-947
http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041325.html
http://www.gentoo.org/security/en/glsa/glsa-200601-07.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2006:016
http://www.zerodayinitiative.com/advisories/ZDI-06-001.html
http://www.osvdb.org/22318
http://securitytracker.com/id?1015457
http://secunia.com/advisories/18379
http://secunia.com/advisories/18453
http://secunia.com/advisories/18463
http://secunia.com/advisories/18478
http://secunia.com/advisories/18548
http://securityreason.com/securityalert/342
http://www.trustix.org/errata/2006/0002/
http://www.vupen.com/english/advisories/2006/0116
XForce ISS Database: clamav-libclamav-upx-bo(24047)
https://exchange.xforce.ibmcloud.com/vulnerabilities/24047

Copyright Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.56137
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:016 (clamav)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to clamav announced via advisory MDKSA-2006:016. A heap-based buffer overflow was discovered in ClamAV versions prior to 0.88 which allows remote attackers to cause a crash and possibly execute arbitrary code via specially crafted UPX files. This update provides ClamAV 0.88 which corrects this issue and also fixes some other bugs. Affected: 10.1, 10.2, 2006.0, Corporate 3.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDKSA-2006:016 Risk factor : High CVSS Score: 7.5
Referencia Cruzada:	BugTraq ID: 16191 Common Vulnerability Exposure (CVE) ID: CVE-2006-0162 http://www.securityfocus.com/bid/16191 CERT/CC vulnerability note: VU#385908 http://www.kb.cert.org/vuls/id/385908 Debian Security Information: DSA-947 (Google Search) http://www.debian.org/security/2006/dsa-947 http://lists.grok.org.uk/pipermail/full-disclosure/2006-January/041325.html http://www.gentoo.org/security/en/glsa/glsa-200601-07.xml http://www.mandriva.com/security/advisories?name=MDKSA-2006:016 http://www.zerodayinitiative.com/advisories/ZDI-06-001.html http://www.osvdb.org/22318 http://securitytracker.com/id?1015457 http://secunia.com/advisories/18379 http://secunia.com/advisories/18453 http://secunia.com/advisories/18463 http://secunia.com/advisories/18478 http://secunia.com/advisories/18548 http://securityreason.com/securityalert/342 http://www.trustix.org/errata/2006/0002/ http://www.vupen.com/english/advisories/2006/0116 XForce ISS Database: clamav-libclamav-upx-bo(24047) https://exchange.xforce.ibmcloud.com/vulnerabilities/24047
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com