Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200610-10 (clamav)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.57908

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200610-10 (clamav)

Resumen: The remote host is missing updates announced in;advisory GLSA 200610-10.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200610-10.

Vulnerability Insight:
ClamAV is vulnerable to a heap-based buffer overflow potentially allowing
remote execution of arbitrary code and a Denial of Service.

Solution:
All ClamAV users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=app-antivirus/clamav-0.88.5'

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2006-4182
http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html
BugTraq ID: 20535
http://www.securityfocus.com/bid/20535
Cert/CC Advisory: TA06-333A
http://www.us-cert.gov/cas/techalerts/TA06-333A.html
CERT/CC vulnerability note: VU#180864
http://www.kb.cert.org/vuls/id/180864
Debian Security Information: DSA-1196 (Google Search)
http://www.debian.org/security/2006/dsa-1196
http://security.gentoo.org/glsa/glsa-200610-10.xml
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=422
http://www.mandriva.com/security/advisories?name=MDKSA-2006:184
http://securitytracker.com/id?1017068
http://secunia.com/advisories/22370
http://secunia.com/advisories/22421
http://secunia.com/advisories/22488
http://secunia.com/advisories/22498
http://secunia.com/advisories/22537
http://secunia.com/advisories/22551
http://secunia.com/advisories/22626
http://secunia.com/advisories/23155
SuSE Security Announcement: SUSE-SA:2006:060 (Google Search)
http://www.novell.com/linux/security/advisories/2006_60_clamav.html
http://www.vupen.com/english/advisories/2006/4034
http://www.vupen.com/english/advisories/2006/4136
http://www.vupen.com/english/advisories/2006/4264
http://www.vupen.com/english/advisories/2006/4750
XForce ISS Database: clamav-rebuildpe-bo(29607)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29607

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.57908
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200610-10 (clamav)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200610-10.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200610-10. Vulnerability Insight: ClamAV is vulnerable to a heap-based buffer overflow potentially allowing remote execution of arbitrary code and a Denial of Service. Solution: All ClamAV users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-antivirus/clamav-0.88.5' CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-4182 http://lists.apple.com/archives/security-announce/2006/Nov/msg00001.html BugTraq ID: 20535 http://www.securityfocus.com/bid/20535 Cert/CC Advisory: TA06-333A http://www.us-cert.gov/cas/techalerts/TA06-333A.html CERT/CC vulnerability note: VU#180864 http://www.kb.cert.org/vuls/id/180864 Debian Security Information: DSA-1196 (Google Search) http://www.debian.org/security/2006/dsa-1196 http://security.gentoo.org/glsa/glsa-200610-10.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=422 http://www.mandriva.com/security/advisories?name=MDKSA-2006:184 http://securitytracker.com/id?1017068 http://secunia.com/advisories/22370 http://secunia.com/advisories/22421 http://secunia.com/advisories/22488 http://secunia.com/advisories/22498 http://secunia.com/advisories/22537 http://secunia.com/advisories/22551 http://secunia.com/advisories/22626 http://secunia.com/advisories/23155 SuSE Security Announcement: SUSE-SA:2006:060 (Google Search) http://www.novell.com/linux/security/advisories/2006_60_clamav.html http://www.vupen.com/english/advisories/2006/4034 http://www.vupen.com/english/advisories/2006/4136 http://www.vupen.com/english/advisories/2006/4264 http://www.vupen.com/english/advisories/2006/4750 XForce ISS Database: clamav-rebuildpe-bo(29607) https://exchange.xforce.ibmcloud.com/vulnerabilities/29607
Copyright	Copyright (C) 2008 E-Soft Inc.