ID de Prueba:	1.3.6.1.4.1.25623.1.0.60833
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: clamav
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: clamav clamav-devel CVE-2008-1100 Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file. CVE-2008-1387 ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the PROTOS GENOME test suite for Archive Formats. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1100 http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html BugTraq ID: 28756 http://www.securityfocus.com/bid/28756 BugTraq ID: 28784 http://www.securityfocus.com/bid/28784 Cert/CC Advisory: TA08-260A http://www.us-cert.gov/cas/techalerts/TA08-260A.html CERT/CC vulnerability note: VU#858595 http://www.kb.cert.org/vuls/id/858595 Debian Security Information: DSA-1549 (Google Search) http://www.debian.org/security/2008/dsa-1549 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html http://security.gentoo.org/glsa/glsa-200805-19.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:088 http://secunia.com/secunia_research/2008-11/advisory/ http://www.securitytracker.com/id?1019837 http://secunia.com/advisories/29000 http://secunia.com/advisories/29863 http://secunia.com/advisories/29886 http://secunia.com/advisories/29891 http://secunia.com/advisories/29975 http://secunia.com/advisories/30253 http://secunia.com/advisories/30328 http://secunia.com/advisories/31882 SuSE Security Announcement: SUSE-SA:2008:024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html SuSE Security Announcement: openSUSE-SU-2015:0906 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html http://www.vupen.com/english/advisories/2008/1218/references http://www.vupen.com/english/advisories/2008/2584 XForce ISS Database: clamav-cliscanpe-bo(41789) https://exchange.xforce.ibmcloud.com/vulnerabilities/41789 Common Vulnerability Exposure (CVE) ID: CVE-2008-1387 BugTraq ID: 28782 http://www.securityfocus.com/bid/28782 Bugtraq: 20080415 clamav: Endless loop / hang with crafter arj, CVE-2008-1387 (Google Search) http://www.securityfocus.com/archive/1/490863/100/0/threaded http://int21.de/cve/CVE-2008-1387-clamav.html http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/ http://secunia.com/advisories/31576 http://www.vupen.com/english/advisories/2008/1227/references XForce ISS Database: clamav-arj-unspecified-dos(41822) https://exchange.xforce.ibmcloud.com/vulnerabilities/41822
Copyright	Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.