Trustix Local Security Checks : Trustix Security Advisory TSLSA-2007-0020 (clamav)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.59656

Categoría: Trustix Local Security Checks

Título: Trustix Security Advisory TSLSA-2007-0020 (clamav)

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory TSLSA-2007-0020.

clamav < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 >
- New Upstream.
- Multiple Security Fixes.
- Victor Stinner has reported a vulnerability in ClamAV, caused due to
an error within the OLE2 parser when handling objects with malformed
FAT partitions and large property sizes. This can be exploited to
cause a DoS due to storage and CPU resource consumption by scanning
a specially crafted OLE2 file.

The Common Vulnerabilities and Exposures project has assigned the
name CVE-2007-2650 to this issue.

Solution:
Update your system with the packages as indicated in
the referenced security advisory.

http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2007-0020

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-2650
BugTraq ID: 24316
http://www.securityfocus.com/bid/24316
Debian Security Information: DSA-1320 (Google Search)
http://www.debian.org/security/2007/dsa-1320
http://security.gentoo.org/glsa/glsa-200706-05.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:115
http://article.gmane.org/gmane.comp.security.virus.clamav.devel/2853
http://lurker.clamav.net/message/20070418.111144.0df6c5d3.en.html
http://secunia.com/advisories/25244
http://secunia.com/advisories/25523
http://secunia.com/advisories/25525
http://secunia.com/advisories/25553
http://secunia.com/advisories/25558
http://secunia.com/advisories/25688
http://secunia.com/advisories/25796
SuSE Security Announcement: SUSE-SA:2007:033 (Google Search)
http://www.novell.com/linux/security/advisories/2007_33_clamav.html
http://www.trustix.org/errata/2007/0020/
http://www.vupen.com/english/advisories/2007/1776

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.59656
Categoría:	Trustix Local Security Checks
Título:	Trustix Security Advisory TSLSA-2007-0020 (clamav)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory TSLSA-2007-0020. clamav < TSL 3.0.5 > < TSL 3.0 > < TSL 2.2 > - New Upstream. - Multiple Security Fixes. - Victor Stinner has reported a vulnerability in ClamAV, caused due to an error within the OLE2 parser when handling objects with malformed FAT partitions and large property sizes. This can be exploited to cause a DoS due to storage and CPU resource consumption by scanning a specially crafted OLE2 file. The Common Vulnerabilities and Exposures project has assigned the name CVE-2007-2650 to this issue. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=TSLSA-2007-0020 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-2650 BugTraq ID: 24316 http://www.securityfocus.com/bid/24316 Debian Security Information: DSA-1320 (Google Search) http://www.debian.org/security/2007/dsa-1320 http://security.gentoo.org/glsa/glsa-200706-05.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:115 http://article.gmane.org/gmane.comp.security.virus.clamav.devel/2853 http://lurker.clamav.net/message/20070418.111144.0df6c5d3.en.html http://secunia.com/advisories/25244 http://secunia.com/advisories/25523 http://secunia.com/advisories/25525 http://secunia.com/advisories/25553 http://secunia.com/advisories/25558 http://secunia.com/advisories/25688 http://secunia.com/advisories/25796 SuSE Security Announcement: SUSE-SA:2007:033 (Google Search) http://www.novell.com/linux/security/advisories/2007_33_clamav.html http://www.trustix.org/errata/2007/0020/ http://www.vupen.com/english/advisories/2007/1776
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com