Debian Local Security Checks : Debian Security Advisory DSA 737-1 (clamav)

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.54185

Category: Debian Local Security Checks

Title: Debian Security Advisory DSA 737-1 (clamav)

Summary: Debian Security Advisory DSA 737-1 (clamav)

Description: The remote host is missing an update to clamav
announced via advisory DSA 737-1.

A number of potential remote DOS vulnerabilities have been identified in
ClamAV. In addition to the four issues identified by CVE ID above, there
are fixes for issues in libclamav/cvd.c and libclamav/message.c.
Together, these issues could allow a carefully crafted message to crash
a ClamAV scanner or exhaust various resources on the machine running the
scanner.

For the stable distribution (sarge), these problems have been fixed in
version 0.84-2.sarge.1.

We recommend that you upgrade your clamav package.

Solution:
http://www.securityspace.com/smysecure/catid.html?in=DSA%20737-1

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-1922
http://www.idefense.com/application/poi/display?id=276&type=vulnerabilities&flashstatus=true
Debian Security Information: DSA-737 (Google Search)
http://www.debian.org/security/2005/dsa-737
Common Vulnerability Exposure (CVE) ID: CVE-2005-1923
http://www.idefense.com/application/poi/display?id=275&type=vulnerabilities
Common Vulnerability Exposure (CVE) ID: CVE-2005-2056
http://www.gentoo.org/security/en/glsa/glsa-200506-23.xml
SuSE Security Announcement: SUSE-SA:2005:038 (Google Search)
http://www.novell.com/linux/security/advisories/2005_38_clamav.html
BugTraq ID: 14058
http://www.securityfocus.com/bid/14058
http://secunia.com/advisories/15811
Common Vulnerability Exposure (CVE) ID: CVE-2005-2070
Bugtraq: 20050623 long sendmail timeouts let attacker prevent milter quiesce (Google Search)
http://seclists.org/lists/bugtraq/2005/Jun/0197.html
BugTraq ID: 14047
http://www.securityfocus.com/bid/14047

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.54185
Category:	Debian Local Security Checks
Title:	Debian Security Advisory DSA 737-1 (clamav)
Summary:	Debian Security Advisory DSA 737-1 (clamav)
Description:	The remote host is missing an update to clamav announced via advisory DSA 737-1. A number of potential remote DOS vulnerabilities have been identified in ClamAV. In addition to the four issues identified by CVE ID above, there are fixes for issues in libclamav/cvd.c and libclamav/message.c. Together, these issues could allow a carefully crafted message to crash a ClamAV scanner or exhaust various resources on the machine running the scanner. For the stable distribution (sarge), these problems have been fixed in version 0.84-2.sarge.1. We recommend that you upgrade your clamav package. Solution: http://www.securityspace.com/smysecure/catid.html?in=DSA%20737-1
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-1922 http://www.idefense.com/application/poi/display?id=276&type=vulnerabilities&flashstatus=true Debian Security Information: DSA-737 (Google Search) http://www.debian.org/security/2005/dsa-737 Common Vulnerability Exposure (CVE) ID: CVE-2005-1923 http://www.idefense.com/application/poi/display?id=275&type=vulnerabilities Common Vulnerability Exposure (CVE) ID: CVE-2005-2056 http://www.gentoo.org/security/en/glsa/glsa-200506-23.xml SuSE Security Announcement: SUSE-SA:2005:038 (Google Search) http://www.novell.com/linux/security/advisories/2005_38_clamav.html BugTraq ID: 14058 http://www.securityfocus.com/bid/14058 http://secunia.com/advisories/15811 Common Vulnerability Exposure (CVE) ID: CVE-2005-2070 Bugtraq: 20050623 long sendmail timeouts let attacker prevent milter quiesce (Google Search) http://seclists.org/lists/bugtraq/2005/Jun/0197.html BugTraq ID: 14047 http://www.securityfocus.com/bid/14047
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com