Test ID:	1.3.6.1.4.1.25623.1.0.71536
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Ports: clamav
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory.
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: clamav clamav-devel CVE-2012-1419 The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial [aliases] character sequence. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. CVE-2012-1457 The TAR file parser in Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal (aka Cat QuickHeal) 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Emsisoft Anti-Malware 5.1.0.1, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, G Data AntiVirus 21, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Jiangmin Antivirus 13.0.900, K7 AntiVirus 9.77.3565, Kaspersky Anti-Virus 7.0.0.125, McAfee Anti-Virus Scanning Engine 5.400.0.1158, McAfee Gateway (formerly Webwasher) 2010.1C, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, NOD32 Antivirus 5795, Norman Antivirus 6.06.12, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Trend Micro AntiVirus 9.120.0.1004, Trend Micro HouseCall 9.120.0.1004, VBA32 3.12.14.2, and VirusBuster 13.6.151.0 allows remote attackers to bypass malware detection via a TAR archive entry with a length field that exceeds the total TAR file size. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different TAR parser implementations. Text truncated. Please see the references for more information. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-1419 BugTraq ID: 52572 http://www.securityfocus.com/bid/52572 Bugtraq: 20120319 Evasion attacks expoliting file-parsing vulnerabilities in antivirus products (Google Search) http://www.securityfocus.com/archive/1/522005 http://www.ieee-security.org/TC/SP2012/program.html http://osvdb.org/80409 Common Vulnerability Exposure (CVE) ID: CVE-2012-1457 BugTraq ID: 52610 http://www.securityfocus.com/bid/52610 http://www.mandriva.com/security/advisories?name=MDVSA-2012:094 http://osvdb.org/80389 http://osvdb.org/80391 http://osvdb.org/80392 http://osvdb.org/80393 http://osvdb.org/80395 http://osvdb.org/80396 http://osvdb.org/80403 http://osvdb.org/80406 http://osvdb.org/80407 SuSE Security Announcement: openSUSE-SU-2012:0833 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-07/msg00002.html XForce ISS Database: multiple-av-tar-length-evasion(74293) https://exchange.xforce.ibmcloud.com/vulnerabilities/74293 Common Vulnerability Exposure (CVE) ID: CVE-2012-1458 BugTraq ID: 52611 http://www.securityfocus.com/bid/52611 http://osvdb.org/80473 http://osvdb.org/80474 XForce ISS Database: multiple-av-chm-header-evasion(74301) https://exchange.xforce.ibmcloud.com/vulnerabilities/74301 Common Vulnerability Exposure (CVE) ID: CVE-2012-1459 BugTraq ID: 52623 http://www.securityfocus.com/bid/52623 http://osvdb.org/80390 XForce ISS Database: multiple-av-tar-header-evasion(74302) https://exchange.xforce.ibmcloud.com/vulnerabilities/74302
Copyright	Copyright (C) 2012 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.