ClamAV Multiple Vulnerabilities (Win) Network Vulnerability

Summary

This host has ClamAV installed, and is prone to multiple vulnerabilities.

Impact

Remote attackers may exploit this issue to inject malicious files into the system which can bypass the scan engine and may cause denial of service. Impact Level: System/Application

Solution

Upgrade to ClamAV 0.95 or later http://www.clamav.net

Insight

Multiple flaws are due to - Error in handling specially crafted RAR files which prevents the scanning of potentially malicious files. - Inadequate sanitation of files through a crafted TAR file causes clamd and clamscan to hang. - 'libclamav/pe.c' allows remote attackers to cause a denial of service via a crafted EXE which triggers a divide-by-zero error.

Affected

ClamAV before 0.95 on Windows.

References

http://blog.zoller.lu/2009/04/clamav-094-and-below-evasion-and-bypass.html
http://www.openwall.com/lists/oss-security/2009/04/07/6
http://www.vupen.com/english/advisories/2009/0934

Updated on 2015-03-25

Severity

Classification

CVE CVE-2008-6680, CVE-2009-1241, CVE-2009-1270
CVSS Base Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Easy RM to MP3 Converter Buffer Overflow Vulnerability
Checkpoint Firewall-1 UDP denial of service
CesarFTP MKD Command Buffer Overflow
Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 (Linux)
Apple Safari Multiple Vulnerabilities June-09 (Win) - I

Take action and discover your vulnerabilities