SuSE Update For Clamav SUSE-SA:2008:024 Network Vulnerability

Impact

remote code execution

Solution

Please Install the Updated Packages.

Insight

The AntiVirus scan engine ClamAV was updated to version 0.93 fixes a long list of vulnerabilities. These vulnerabilities can lead to remote code execution, bypassing the scanning engine, remote denial-of-service, local file overwrite. CVE-2008-1835, CVE-2008-1100, CVE-2007-6596 Since the library changed, we also released updated klamav packages for openSUSE 10.2 and 10.3.

Affected

clamav on SUSE LINUX 10.1, openSUSE 10.2, openSUSE 10.3, SUSE SLES 9, Open Enterprise Server, Novell Linux POS 9, SLE SDK 10 SP1, SUSE Linux Enterprise Server 10 SP1

References

http://www.novell.com/linux/security/advisories/2008_24_clamav.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-6595, CVE-2007-6596, CVE-2008-0314, CVE-2008-1100, CVE-2008-1387, CVE-2008-1833, CVE-2008-1835, CVE-2008-1836, CVE-2008-1837
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

SLES10: Security update for libxslt
SLES10: Security update for Apache 2
SLES10: Security update for Linux kernel
SLES10: Security update for jasper
SLES10: Security update for dhclient

SuSE Update for clamav SUSE-SA:2008:024

Take action and discover your vulnerabilities