ID EDB-ID:30291 Type exploitdb Reporter Metaeye Security Group Modified 2007-07-11T00:00:00
Description
Multiple Vendors RAR Handling Remote Null Pointer Dereference Vulnerability. CVE-2007-3725. Remote exploit for linux platform
source: http://www.securityfocus.com/bid/24866/info
Multiple applications using RAR are prone to a NULL-pointer dereference vulnerability.
A successful attack will result in denial-of-service conditions. Attackers may also be able to exploit this issue to execute arbitrary code, but this has not been confirmed.
This issue affects the following:
ClamAV prior to 0.91
'UnRAR' 3.70; other versions may also be vulnerable.
Other applications using the vulnerabile 'UnRAR' utility are affected by this issue. We will update this BID as more information emerges.
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30291.rar
{"id": "EDB-ID:30291", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Multiple Vendors - RAR Handling Remote Null Pointer Dereference Vulnerability", "description": "Multiple Vendors RAR Handling Remote Null Pointer Dereference Vulnerability. CVE-2007-3725. Remote exploit for linux platform", "published": "2007-07-11T00:00:00", "modified": "2007-07-11T00:00:00", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/30291/", "reporter": "Metaeye Security Group", "references": [], "cvelist": ["CVE-2007-3725"], "lastseen": "2016-02-03T12:08:52", "viewCount": 3, "enchantments": {"score": {"value": 5.7, "vector": "NONE", "modified": "2016-02-03T12:08:52", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-3725"]}, {"type": "openvas", "idList": ["OPENVAS:65611", "OPENVAS:830138", "OPENVAS:1361412562310830138", "OPENVAS:136141256231065611", "OPENVAS:58472", "OPENVAS:58539"]}, {"type": "osvdb", "idList": ["OSVDB:36907"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1340-1:78A5F"]}, {"type": "nessus", "idList": ["MACOSX_SECUPD2008-002.NASL", "SUSE_CLAMAV-3902.NASL", "MANDRAKE_MDKSA-2007-150.NASL", "SUSE_CLAMAV-3901.NASL", "GENTOO_GLSA-200708-04.NASL", "DEBIAN_DSA-1340.NASL"]}, {"type": "gentoo", "idList": ["GLSA-200708-04"]}], "modified": "2016-02-03T12:08:52", "rev": 2}, "vulnersScore": 5.7}, "sourceHref": "https://www.exploit-db.com/download/30291/", "sourceData": "source: http://www.securityfocus.com/bid/24866/info\r\n\r\nMultiple applications using RAR are prone to a NULL-pointer dereference vulnerability.\r\n\r\nA successful attack will result in denial-of-service conditions. Attackers may also be able to exploit this issue to execute arbitrary code, but this has not been confirmed.\r\n\r\nThis issue affects the following:\r\n\r\nClamAV prior to 0.91\r\n'UnRAR' 3.70; other versions may also be vulnerable.\r\n\r\nOther applications using the vulnerabile 'UnRAR' utility are affected by this issue. We will update this BID as more information emerges. \r\n\r\nhttps://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/30291.rar", "osvdbidlist": ["36907"]}
{"cve": [{"lastseen": "2020-10-03T11:45:52", "description": "The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR archive, resulting in a NULL pointer dereference.", "edition": 3, "cvss3": {}, "published": "2007-07-12T16:30:00", "title": "CVE-2007-3725", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-3725"], "modified": "2018-10-15T21:30:00", "cpe": ["cpe:/a:clam_anti-virus:clamav:0.88.4", "cpe:/a:clam_anti-virus:clamav:0.71", "cpe:/a:clam_anti-virus:clamav:0.51", "cpe:/a:clam_anti-virus:clamav:0.90_rc2", "cpe:/a:clam_anti-virus:clamav:0.70", "cpe:/a:clam_anti-virus:clamav:0.90_rc3", "cpe:/a:clam_anti-virus:clamav:0.15", "cpe:/a:clam_anti-virus:clamav:0.80_rc3", "cpe:/a:clam_anti-virus:clamav:0.73", "cpe:/a:clam_anti-virus:clamav:0.84", "cpe:/a:clam_anti-virus:clamav:0.60", "cpe:/a:clam_anti-virus:clamav:0.20", "cpe:/a:clam_anti-virus:clamav:0.87.1", "cpe:/a:clam_anti-virus:clamav:0.22", "cpe:/a:clam_anti-virus:clamav:0.80_rc1", "cpe:/a:clam_anti-virus:clamav:0.88.1", "cpe:/a:clam_anti-virus:clamav:0.85", "cpe:/a:clam_anti-virus:clamav:0.88", "cpe:/a:clam_anti-virus:clamav:0.72", "cpe:/a:clam_anti-virus:clamav:0.84_rc1", "cpe:/a:clam_anti-virus:clamav:0.81", "cpe:/a:clam_anti-virus:clamav:0.88.6", "cpe:/a:clam_anti-virus:clamav:0.53", "cpe:/a:clam_anti-virus:clamav:0.83", "cpe:/a:clam_anti-virus:clamav:0.86_rc1", "cpe:/a:clam_anti-virus:clamav:0.87", "cpe:/a:clam_anti-virus:clamav:0.88.3", "cpe:/a:clam_anti-virus:clamav:0.82", "cpe:/a:clam_anti-virus:clamav:0.68.1", "cpe:/a:clam_anti-virus:clamav:0.80_rc4", "cpe:/a:clam_anti-virus:clamav:0.74", "cpe:/a:clam_anti-virus:clamav:0.68", "cpe:/a:clam_anti-virus:clamav:0.54", "cpe:/a:clam_anti-virus:clamav:0.60p", "cpe:/a:clam_anti-virus:clamav:0.80_rc2", "cpe:/a:clam_anti-virus:clamav:0.67", "cpe:/a:clam_anti-virus:clamav:0.86.1", "cpe:/a:clam_anti-virus:clamav:0.88.7", "cpe:/a:clam_anti-virus:clamav:0.21", "cpe:/a:clam_anti-virus:clamav:0.86", "cpe:/a:clam_anti-virus:clamav:0.90_rc1.1", "cpe:/a:clam_anti-virus:clamav:0.88.5", "cpe:/a:clam_anti-virus:clamav:0.90", "cpe:/a:clam_anti-virus:clamav:0.52", "cpe:/a:clam_anti-virus:clamav:0.81_rc1", "cpe:/a:clam_anti-virus:clamav:0.23", "cpe:/a:clam_anti-virus:clamav:0.80", "cpe:/a:clam_anti-virus:clamav:0.85.1", "cpe:/a:clam_anti-virus:clamav:0.84_rc2", "cpe:/a:clam_anti-virus:clamav:0.65", "cpe:/a:clam_anti-virus:clamav:0.24", "cpe:/a:clam_anti-virus:clamav:0.86.2", "cpe:/a:clam_anti-virus:clamav:0.75", "cpe:/a:clam_anti-virus:clamav:0.75.1"], "id": "CVE-2007-3725", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3725", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:clam_anti-virus:clamav:0.54:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.83:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.84:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.22:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.90_rc1.1:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.84_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.70:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.86_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.68:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.90:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.65:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.90_rc2:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.88.1:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.60p:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.80_rc3:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.88.5:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.80_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.81_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.51:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.88.6:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.75.1:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.82:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.88.7:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.60:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.90_rc3:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.24:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.80_rc2:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.86:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.52:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.86.2:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.80_rc4:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.85:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.88:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.87:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.88.4:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.68.1:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.53:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.75:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.67:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.73:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.81:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.88.3:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.71:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.21:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.74:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.86.1:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.23:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.72:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.20:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.87.1:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.85.1:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.15:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.84_rc2:*:*:*:*:*:*:*", "cpe:2.3:a:clam_anti-virus:clamav:0.80:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-26T08:56:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3725"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n clamav\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012460 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65611", "href": "http://plugins.openvas.org/nasl.php?oid=65611", "type": "openvas", "title": "SLES9: Security update for clamav", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5012460.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for clamav\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n clamav\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012460 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65611);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-3725\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES9: Security update for clamav\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.91.1~2.1\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:41:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3725"], "description": "Check for the Version of clamav", "modified": "2018-04-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:1361412562310830138", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830138", "type": "openvas", "title": "Mandriva Update for clamav MDKSA-2007:150 (clamav)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for clamav MDKSA-2007:150 (clamav)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in the RAR VM in ClamAV allowed user-assisted remote\n attackers to cause a crash via a crafted RAR archive which resulted\n in a NULL pointer dereference.\n\n Other bugs have also been corrected in 0.91.1 which is being provided\n with this update.\";\n\ntag_affected = \"clamav on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-07/msg00020.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830138\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDKSA\", value: \"2007:150\");\n script_cve_id(\"CVE-2007-3725\");\n script_name( \"Mandriva Update for clamav MDKSA-2007:150 (clamav)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of clamav\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamav-milter\", rpm:\"clamav-milter~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamd\", rpm:\"clamd~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamdmon\", rpm:\"clamdmon~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libclamav2\", rpm:\"libclamav2~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libclamav2-devel\", rpm:\"libclamav2-devel~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64clamav2\", rpm:\"lib64clamav2~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64clamav2-devel\", rpm:\"lib64clamav2-devel~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamav-milter\", rpm:\"clamav-milter~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamd\", rpm:\"clamd~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamdmon\", rpm:\"clamdmon~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libclamav2\", rpm:\"libclamav2~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libclamav2-devel\", rpm:\"libclamav2-devel~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64clamav2\", rpm:\"lib64clamav2~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64clamav2-devel\", rpm:\"lib64clamav2-devel~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3725"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n clamav\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012460 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065611", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065611", "type": "openvas", "title": "SLES9: Security update for clamav", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5012460.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for clamav\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n clamav\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5012460 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65611\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2007-3725\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"SLES9: Security update for clamav\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.91.1~2.1\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:50:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3725"], "description": "The remote host is missing an update to clamav\nannounced via advisory DSA 1340-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:58472", "href": "http://plugins.openvas.org/nasl.php?oid=58472", "type": "openvas", "title": "Debian Security Advisory DSA 1340-1 (clamav)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1340_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 1340-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A NULL pointer dereference has been discovered in the RAR VM of Clam\nAntivirus (ClamAV) which allows user-assisted remote attackers to\ncause a denial of service via a specially crafted RAR archives.\n\nWe are currently unable to provide fixed packages for the MIPS\narchitectures. Those packages will be installed in the security\narchive when they become available.\n\nThe old stable distribution (sarge) is not affected by this problem.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 0.90.1-3etch4.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 0.91-1.\n\nWe recommend that you upgrade your clamav packages.\";\ntag_summary = \"The remote host is missing an update to clamav\nannounced via advisory DSA 1340-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201340-1\";\n\nif(description)\n{\n script_id(58472);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 23:19:52 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2007-3725\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"Debian Security Advisory DSA 1340-1 (clamav)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"clamav-base\", ver:\"0.90.1-3etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav-docs\", ver:\"0.90.1-3etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav-testfiles\", ver:\"0.90.1-3etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav\", ver:\"0.90.1-3etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav-daemon\", ver:\"0.90.1-3etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav-dbg\", ver:\"0.90.1-3etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav-freshclam\", ver:\"0.90.1-3etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"clamav-milter\", ver:\"0.90.1-3etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libclamav-dev\", ver:\"0.90.1-3etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libclamav2\", ver:\"0.90.1-3etch4\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3725"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200708-04.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:58539", "href": "http://plugins.openvas.org/nasl.php?oid=58539", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200708-04 (clamav)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been discovered in ClamAV, allowing for a Denial of\nService.\";\ntag_solution = \"All ClamAV users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-antivirus/clamav-0.91'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200708-04\nhttp://bugs.gentoo.org/show_bug.cgi?id=185013\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200708-04.\";\n\n \n\nif(description)\n{\n script_id(58539);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2007-3725\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200708-04 (clamav)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-antivirus/clamav\", unaffected: make_list(\"ge 0.91\"), vulnerable: make_list(\"lt 0.91\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:57:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3725"], "description": "Check for the Version of clamav", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "id": "OPENVAS:830138", "href": "http://plugins.openvas.org/nasl.php?oid=830138", "type": "openvas", "title": "Mandriva Update for clamav MDKSA-2007:150 (clamav)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for clamav MDKSA-2007:150 (clamav)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in the RAR VM in ClamAV allowed user-assisted remote\n attackers to cause a crash via a crafted RAR archive which resulted\n in a NULL pointer dereference.\n\n Other bugs have also been corrected in 0.91.1 which is being provided\n with this update.\";\n\ntag_affected = \"clamav on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-07/msg00020.php\");\n script_id(830138);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 13:57:01 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDKSA\", value: \"2007:150\");\n script_cve_id(\"CVE-2007-3725\");\n script_name( \"Mandriva Update for clamav MDKSA-2007:150 (clamav)\");\n\n script_summary(\"Check for the Version of clamav\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamav-milter\", rpm:\"clamav-milter~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamd\", rpm:\"clamd~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamdmon\", rpm:\"clamdmon~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libclamav2\", rpm:\"libclamav2~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libclamav2-devel\", rpm:\"libclamav2-devel~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64clamav2\", rpm:\"lib64clamav2~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64clamav2-devel\", rpm:\"lib64clamav2-devel~0.91.1~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamav-milter\", rpm:\"clamav-milter~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamd\", rpm:\"clamd~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"clamdmon\", rpm:\"clamdmon~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libclamav2\", rpm:\"libclamav2~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libclamav2-devel\", rpm:\"libclamav2-devel~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64clamav2\", rpm:\"lib64clamav2~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64clamav2-devel\", rpm:\"lib64clamav2-devel~0.91.1~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:46", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3725"], "edition": 1, "description": "### Background\n\nClamAV is a GPL virus scanner. \n\n### Description\n\nMetaeye Security Group reported a NULL pointer dereference in ClamAV when processing RAR archives. \n\n### Impact\n\nA remote attacker could send a specially crafted RAR archive to the clamd daemon, resulting in a crash and a Denial of Service. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll ClamAV users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-antivirus/clamav-0.91\"", "modified": "2007-08-09T00:00:00", "published": "2007-08-09T00:00:00", "id": "GLSA-200708-04", "href": "https://security.gentoo.org/glsa/200708-04", "type": "gentoo", "title": "ClamAV: Denial of Service", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:32", "bulletinFamily": "software", "cvelist": ["CVE-2007-3725"], "description": "# No description provided by the source\n\n## References:\nVendor Specific News/Changelog Entry: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=555\n[Secunia Advisory ID:26038](https://secuniaresearch.flexerasoftware.com/advisories/26038/)\n[Secunia Advisory ID:26164](https://secuniaresearch.flexerasoftware.com/advisories/26164/)\n[Secunia Advisory ID:22588](https://secuniaresearch.flexerasoftware.com/advisories/22588/)\n[Secunia Advisory ID:26209](https://secuniaresearch.flexerasoftware.com/advisories/26209/)\n[Secunia Advisory ID:26226](https://secuniaresearch.flexerasoftware.com/advisories/26226/)\n[Secunia Advisory ID:26377](https://secuniaresearch.flexerasoftware.com/advisories/26377/)\nOther Advisory URL: http://lists.opensuse.org/opensuse-security-announce/2007-08/msg00003.html\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200708-04.xml\nOther Advisory URL: http://kolab.org/security/kolab-vendor-notice-16.txt\nOther Advisory URL: http://www.metaeye.org/advisories/54\nOther Advisory URL: http://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00101.html\nOther Advisory URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:150\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-07/0096.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-07/0097.html\n[CVE-2007-3725](https://vulners.com/cve/CVE-2007-3725)\n", "edition": 1, "modified": "2007-07-11T17:52:41", "published": "2007-07-11T17:52:41", "href": "https://vulners.com/osvdb/OSVDB:36907", "id": "OSVDB:36907", "title": "Clam AntiVirus RAR Archive Processing DoS", "type": "osvdb", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2020-11-11T13:25:51", "bulletinFamily": "unix", "cvelist": ["CVE-2007-3725"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 1340-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nJuly 24th, 2007 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : clamav\nVulnerability : null pointer dereference\nProblem type : local (remote)\nDebian-specific: no\nCVE ID : CVE-2007-3725\n\nA NULL pointer dereference has been discovered in the RAR VM of Clam\nAntivirus (ClamAV) which allows user-assisted remote attackers to\ncause a denial of service via a specially crafted RAR archives.\n\nWe are currently unable to provide fixed packages for the MIPS\narchitectures. Those packages will be installed in the security\narchive when they become available.\n\nThe old stable distribution (sarge) is not affected by this problem.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 0.90.1-3etch4.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 0.91-1.\n\nWe recommend that you upgrade your clamav packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given at the end of this advisory:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4.dsc\n Size/MD5 checksum: 886 4322482c1fb82b108aa43cb9db54efd1\n http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4.diff.gz\n Size/MD5 checksum: 201403 a5c2bfc45cc81fd1f85c3bfca605c2eb\n http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1.orig.tar.gz\n Size/MD5 checksum: 11643310 cd11c05b5476262eaea4fa3bd7dc25bf\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/c/clamav/clamav-base_0.90.1-3etch4_all.deb\n Size/MD5 checksum: 201448 cf1df37f823c25b62bb341da58b13cb9\n http://security.debian.org/pool/updates/main/c/clamav/clamav-docs_0.90.1-3etch4_all.deb\n Size/MD5 checksum: 1003244 fda3003977260e1b5cea1547167d492c\n http://security.debian.org/pool/updates/main/c/clamav/clamav-testfiles_0.90.1-3etch4_all.deb\n Size/MD5 checksum: 157626 548abf569b73b094e3807888f2f5038d\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_alpha.deb\n Size/MD5 checksum: 863288 10878c8e050e17086aeea82678293c08\n http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_alpha.deb\n Size/MD5 checksum: 184482 cc5eca7ca9f6c3d7c9cb64557b975d8b\n http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_alpha.deb\n Size/MD5 checksum: 644222 71b240e73b41ea5a62a2e481c3ed3147\n http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_alpha.deb\n Size/MD5 checksum: 9303578 91aa4799771e9f6a366a84f8be4a0154\n http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_alpha.deb\n Size/MD5 checksum: 179638 16cb1cdf55b0f6cc983ef3c224b6ad42\n http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_alpha.deb\n Size/MD5 checksum: 510846 dfd5016fdaa269c808d1585eeb29b682\n http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_alpha.deb\n Size/MD5 checksum: 406172 76b0ab23e443a074b089e23f63c1b996\n\n AMD64 architecture:\n\n http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_amd64.deb\n Size/MD5 checksum: 856292 ae79ee69acb68b7edc2938e74df07572\n http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_amd64.deb\n Size/MD5 checksum: 178250 919ffe6a6d8f087f7c64f561de240dcb\n http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_amd64.deb\n Size/MD5 checksum: 637868 96df7a341a13a1dcfa3726da88270285\n http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_amd64.deb\n Size/MD5 checksum: 9301706 97194c4ceb5cc69c897becba8509f5c6\n http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_amd64.deb\n Size/MD5 checksum: 176744 e9870bb2dbb4cae1415e7da8043f6d83\n http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_amd64.deb\n Size/MD5 checksum: 386328 cb0f86bd159db1925ec39157c345f20e\n http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_amd64.deb\n Size/MD5 checksum: 367102 f79837717dee7f6a9aaa9c1817fed77e\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_arm.deb\n Size/MD5 checksum: 851824 9fc5cd7039da4dde8f570720c08fdc99\n http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_arm.deb\n Size/MD5 checksum: 173452 ce3d61f700ed0607ebb71307928976da\n http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_arm.deb\n Size/MD5 checksum: 597194 f38f065738f1cafba9a3c42922223709\n http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_arm.deb\n Size/MD5 checksum: 9299488 10799147def77a149669c56346cc287a\n http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_arm.deb\n Size/MD5 checksum: 174552 e16ae0c225af49669e082239fc39a76c\n http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_arm.deb\n Size/MD5 checksum: 366682 8a95f23f368df1453b461a3da2c7e23c\n http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_arm.deb\n Size/MD5 checksum: 362572 39aba5c87cc8a8023c512926f095611b\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_hppa.deb\n Size/MD5 checksum: 857062 5fa4607f52271c43e9f277c69ea934f6\n http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_hppa.deb\n Size/MD5 checksum: 177964 17e85986371220f8bb54a9cd8368309a\n http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_hppa.deb\n Size/MD5 checksum: 617892 c27423a2aa54314d371cd517f52b0c61\n http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_hppa.deb\n Size/MD5 checksum: 9303060 034452cd5c442565ec7d150ed5b46e06\n http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_hppa.deb\n Size/MD5 checksum: 176816 27a3c13573a79dc97e7aea6a79c53ef4\n http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_hppa.deb\n Size/MD5 checksum: 432748 96afeaa27862183bea23b961600d93fe\n http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_hppa.deb\n Size/MD5 checksum: 404838 0573b674780cbc47d19ac0ddcf183496\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_i386.deb\n Size/MD5 checksum: 853720 51d46ae39ed2a720e584b5b52b2d3409\n http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_i386.deb\n Size/MD5 checksum: 174618 d07358cba9e467fdf2159739016d00a7\n http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_i386.deb\n Size/MD5 checksum: 603774 2987ddb46e82447f8e6e20d33080aa37\n http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_i386.deb\n Size/MD5 checksum: 9300044 d9f5a5d77235452c19669d71a6a13a93\n http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_i386.deb\n Size/MD5 checksum: 174752 c863d6372b97823c5cd052b22ade00b0\n http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_i386.deb\n Size/MD5 checksum: 367668 b1380aa6e0fe222916605f08a89c16f9\n http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_i386.deb\n Size/MD5 checksum: 365686 156a20aba1b91eb24f8a8b668e3a46cd\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_ia64.deb\n Size/MD5 checksum: 878298 2a2420da2db40f69e7654689845fa2b0\n http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_ia64.deb\n Size/MD5 checksum: 201470 70a6f87e38268e27afd74951851eca94\n http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_ia64.deb\n Size/MD5 checksum: 656106 f92e7ef6ab087b48e264e4628b87a785\n http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_ia64.deb\n Size/MD5 checksum: 9315074 f72f2a6a7445f23a2ab5652ac79237bc\n http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_ia64.deb\n Size/MD5 checksum: 191134 f79c94fa3326f59a37546f6e49a25303\n http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_ia64.deb\n Size/MD5 checksum: 521332 c5a2c75acf87f4e41160ec1e9fd3af72\n http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_ia64.deb\n Size/MD5 checksum: 474822 b5c2e4e6a30d056e05677055d220c283\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_powerpc.deb\n Size/MD5 checksum: 857106 5da0964bfba1524143595c0ea23dfde9\n http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_powerpc.deb\n Size/MD5 checksum: 181682 9805bff29a56e84a23a904ef1604723c\n http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_powerpc.deb\n Size/MD5 checksum: 636886 5a2a9d659d39f9363b0faa092f0ae32f\n http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_powerpc.deb\n Size/MD5 checksum: 9302070 0d906d48dd85f6ea63263e0580e55de8\n http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_powerpc.deb\n Size/MD5 checksum: 175854 2cc7ed815f9882cd268112c4ac8e0aa1\n http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_powerpc.deb\n Size/MD5 checksum: 405626 aa7a50f217ddb1a2637c79a3e83aad4a\n http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_powerpc.deb\n Size/MD5 checksum: 378180 a14d2b513f173bfbf3ce486b45d383bb\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_s390.deb\n Size/MD5 checksum: 855060 bbf174ba8e4b8185f093a368a4fd3068\n http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_s390.deb\n Size/MD5 checksum: 176256 08b08bf7eccd915ced8b284af52e2c0b\n http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_s390.deb\n Size/MD5 checksum: 627908 2453d58f7113081a6ba90f45c6448dc0\n http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_s390.deb\n Size/MD5 checksum: 9300764 19ab312ca93be29295380d0f0f965c97\n http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_s390.deb\n Size/MD5 checksum: 176424 c2ed7fde9ba790fb495428f318a4c6a7\n http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_s390.deb\n Size/MD5 checksum: 401622 18ea76e737dfa67aebfd7b62b68dbd94\n http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_s390.deb\n Size/MD5 checksum: 391172 795d593d6bdfcf5cbf16ba692fc54395\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/c/clamav/clamav_0.90.1-3etch4_sparc.deb\n Size/MD5 checksum: 851152 110dd04af9f54ee83c7312e096cd9201\n http://security.debian.org/pool/updates/main/c/clamav/clamav-daemon_0.90.1-3etch4_sparc.deb\n Size/MD5 checksum: 171902 53ce9d7055da42e07f28685a03a52592\n http://security.debian.org/pool/updates/main/c/clamav/clamav-dbg_0.90.1-3etch4_sparc.deb\n Size/MD5 checksum: 584004 c859bae90ea21251b8faa4114eb7b9df\n http://security.debian.org/pool/updates/main/c/clamav/clamav-freshclam_0.90.1-3etch4_sparc.deb\n Size/MD5 checksum: 9298608 de87f85e9dd4e74fb3f1b3d85bcb53c0\n http://security.debian.org/pool/updates/main/c/clamav/clamav-milter_0.90.1-3etch4_sparc.deb\n Size/MD5 checksum: 173534 9cca508f4a123f194872d6c6f8b5af0b\n http://security.debian.org/pool/updates/main/c/clamav/libclamav-dev_0.90.1-3etch4_sparc.deb\n Size/MD5 checksum: 389104 5432b26c75aa4ba4579d0c0eaaa42fdd\n http://security.debian.org/pool/updates/main/c/clamav/libclamav2_0.90.1-3etch4_sparc.deb\n Size/MD5 checksum: 377310 0ecb88683024a0cc7ec48f715419cd0e\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 3, "modified": "2007-07-24T00:00:00", "published": "2007-07-24T00:00:00", "id": "DEBIAN:DSA-1340-1:78A5F", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2007/msg00101.html", "title": "[SECURITY] [DSA 1340-1] New ClamAV packages fix denial of service", "type": "debian", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2021-01-06T09:44:49", "description": "A NULL pointer dereference has been discovered in the RAR VM of Clam\nAntivirus (ClamAV) which allows user-assisted remote attackers to\ncause a denial of service via a specially crafted RAR archives.\n\nWe are currently unable to provide fixed packages for the MIPS\narchitectures. Those packages will be installed in the security\narchive when they become available.", "edition": 25, "published": "2007-07-27T00:00:00", "title": "Debian DSA-1340-1 : clamav - NULL pointer dereference", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3725"], "modified": "2007-07-27T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:4.0", "p-cpe:/a:debian:debian_linux:clamav"], "id": "DEBIAN_DSA-1340.NASL", "href": "https://www.tenable.com/plugins/nessus/25782", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-1340. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25782);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2007-3725\");\n script_xref(name:\"DSA\", value:\"1340\");\n\n script_name(english:\"Debian DSA-1340-1 : clamav - NULL pointer dereference\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A NULL pointer dereference has been discovered in the RAR VM of Clam\nAntivirus (ClamAV) which allows user-assisted remote attackers to\ncause a denial of service via a specially crafted RAR archives.\n\nWe are currently unable to provide fixed packages for the MIPS\narchitectures. Those packages will be installed in the security\narchive when they become available.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2007/dsa-1340\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the clamav packages.\n\nThe old stable distribution (sarge) is not affected by this problem.\n\nFor the stable distribution (etch) this problem has been fixed in\nversion 0.90.1-3etch4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"4.0\", prefix:\"clamav\", reference:\"0.90.1-3etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"clamav-base\", reference:\"0.90.1-3etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"clamav-daemon\", reference:\"0.90.1-3etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"clamav-dbg\", reference:\"0.90.1-3etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"clamav-docs\", reference:\"0.90.1-3etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"clamav-freshclam\", reference:\"0.90.1-3etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"clamav-milter\", reference:\"0.90.1-3etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"clamav-testfiles\", reference:\"0.90.1-3etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libclamav-dev\", reference:\"0.90.1-3etch4\")) flag++;\nif (deb_check(release:\"4.0\", prefix:\"libclamav2\", reference:\"0.90.1-3etch4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T11:51:44", "description": "A vulnerability in the RAR VM in ClamAV allowed user-assisted remote\nattackers to cause a crash via a crafted RAR archive which resulted in\na NULL pointer dereference.\n\nOther bugs have also been corrected in 0.91.1 which is being provided\nwith this update.", "edition": 24, "published": "2007-07-27T00:00:00", "title": "Mandrake Linux Security Advisory : clamav (MDKSA-2007:150)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3725"], "modified": "2007-07-27T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:clamd", "p-cpe:/a:mandriva:linux:clamav", "p-cpe:/a:mandriva:linux:lib64clamav2", "cpe:/o:mandriva:linux:2007", "cpe:/o:mandriva:linux:2007.1", "p-cpe:/a:mandriva:linux:libclamav2-devel", "p-cpe:/a:mandriva:linux:clamav-milter", "p-cpe:/a:mandriva:linux:lib64clamav2-devel", "p-cpe:/a:mandriva:linux:clamav-db", "p-cpe:/a:mandriva:linux:clamdmon", "p-cpe:/a:mandriva:linux:libclamav2"], "id": "MANDRAKE_MDKSA-2007-150.NASL", "href": "https://www.tenable.com/plugins/nessus/25796", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:150. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25796);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-3725\");\n script_xref(name:\"MDKSA\", value:\"2007:150\");\n\n script_name(english:\"Mandrake Linux Security Advisory : clamav (MDKSA-2007:150)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability in the RAR VM in ClamAV allowed user-assisted remote\nattackers to cause a crash via a crafted RAR archive which resulted in\na NULL pointer dereference.\n\nOther bugs have also been corrected in 0.91.1 which is being provided\nwith this update.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamav-db\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamav-milter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamdmon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64clamav2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64clamav2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libclamav2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libclamav2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/07/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", reference:\"clamav-0.91.1-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"clamav-db-0.91.1-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"clamav-milter-0.91.1-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"clamd-0.91.1-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", reference:\"clamdmon-0.91.1-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64clamav2-0.91.1-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64clamav2-devel-0.91.1-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libclamav2-0.91.1-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libclamav2-devel-0.91.1-1.1mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", reference:\"clamav-0.91.1-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"clamav-db-0.91.1-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"clamav-milter-0.91.1-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"clamd-0.91.1-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", reference:\"clamdmon-0.91.1-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64clamav2-0.91.1-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64clamav2-devel-0.91.1-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libclamav2-0.91.1-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libclamav2-devel-0.91.1-1.1mdv2007.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T10:52:14", "description": "The remote host is affected by the vulnerability described in GLSA-200708-04\n(ClamAV: Denial of Service)\n\n Metaeye Security Group reported a NULL pointer dereference in ClamAV\n when processing RAR archives.\n \nImpact :\n\n A remote attacker could send a specially crafted RAR archive to the\n clamd daemon, resulting in a crash and a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2007-08-13T00:00:00", "title": "GLSA-200708-04 : ClamAV: Denial of Service", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3725"], "modified": "2007-08-13T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:clamav"], "id": "GENTOO_GLSA-200708-04.NASL", "href": "https://www.tenable.com/plugins/nessus/25869", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200708-04.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(25869);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2007-3725\");\n script_xref(name:\"GLSA\", value:\"200708-04\");\n\n script_name(english:\"GLSA-200708-04 : ClamAV: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200708-04\n(ClamAV: Denial of Service)\n\n Metaeye Security Group reported a NULL pointer dereference in ClamAV\n when processing RAR archives.\n \nImpact :\n\n A remote attacker could send a specially crafted RAR archive to the\n clamd daemon, resulting in a crash and a Denial of Service.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200708-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ClamAV users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-antivirus/clamav-0.91'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/08/13\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2007/07/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-antivirus/clamav\", unaffected:make_list(\"ge 0.91\"), vulnerable:make_list(\"lt 0.91\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ClamAV\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:43:22", "description": "This clamav version update to 0.91.1 fixes among other things the long\nstartup time of version 0.90.3 as well as a possibilty to crash clamav\nwith specially crafted rar archives. (CVE-2007-3725)", "edition": 23, "published": "2007-12-13T00:00:00", "title": "SuSE 10 Security Update : clamav (ZYPP Patch Number 3902)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3725"], "modified": "2007-12-13T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_CLAMAV-3902.NASL", "href": "https://www.tenable.com/plugins/nessus/29403", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(29403);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3725\");\n\n script_name(english:\"SuSE 10 Security Update : clamav (ZYPP Patch Number 3902)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This clamav version update to 0.91.1 fixes among other things the long\nstartup time of version 0.90.3 as well as a possibilty to crash clamav\nwith specially crafted rar archives. (CVE-2007-3725)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-3725.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 3902.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:1, reference:\"clamav-0.91.1-2.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-17T14:43:22", "description": "This clamav version update to 0.91.1 fixes among other things the long\nstartup time of version 0.90.3 as well as a possibilty to crash clamav\nwith specially crafted rar archives (CVE-2007-3725).", "edition": 24, "published": "2007-10-17T00:00:00", "title": "openSUSE 10 Security Update : clamav (clamav-3901)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-3725"], "modified": "2007-10-17T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:clamav", "cpe:/o:novell:opensuse:10.1", "p-cpe:/a:novell:opensuse:clamav-db"], "id": "SUSE_CLAMAV-3901.NASL", "href": "https://www.tenable.com/plugins/nessus/27184", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update clamav-3901.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(27184);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2007-3725\");\n\n script_name(english:\"openSUSE 10 Security Update : clamav (clamav-3901)\");\n script_summary(english:\"Check for the clamav-3901 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This clamav version update to 0.91.1 fixes among other things the long\nstartup time of version 0.90.3 as well as a possibilty to crash clamav\nwith specially crafted rar archives (CVE-2007-3725).\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected clamav packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:clamav-db\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.1|SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.1 / 10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.1\", reference:\"clamav-0.91.1-2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.1\", reference:\"clamav-db-0.91.1-2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"clamav-0.91.1-2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"clamav-db-0.91.1-2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"clamav\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T03:25:11", "description": "The remote host is running a version of Mac OS X 10.5 or 10.4 that\ndoes not have the security update 2008-002 applied. \n\nThis update contains several security fixes for a number of programs.", "edition": 24, "published": "2008-03-19T00:00:00", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2008-002)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-0056", "CVE-2007-6335", "CVE-2007-1662", "CVE-2008-0063", "CVE-2007-4768", "CVE-2008-0999", "CVE-2006-5793", "CVE-2007-1661", "CVE-2007-5958", "CVE-2007-4752", "CVE-2008-0990", "CVE-2008-0052", "CVE-2008-0994", "CVE-2007-3799", "CVE-2007-6109", "CVE-2007-5901", "CVE-2007-4887", "CVE-2008-0989", "CVE-2007-6429", "CVE-2007-6337", "CVE-2007-6203", "CVE-2008-0046", "CVE-2008-0060", "CVE-2008-0049", "CVE-2007-1659", "CVE-2008-0318", "CVE-2008-0596", "CVE-2008-0006", "CVE-2007-5269", "CVE-2008-0057", "CVE-2006-6481", "CVE-2007-6428", "CVE-2007-5795", "CVE-2006-3334", "CVE-2007-0897", "CVE-2007-0898", "CVE-2007-4510", "CVE-2007-5971", "CVE-2008-0987", "CVE-2007-1997", "CVE-2008-0995", "CVE-2008-0998", "CVE-2008-0728", "CVE-2008-0059", "CVE-2007-1660", "CVE-2008-0992", "CVE-2007-5268", "CVE-2008-0005", "CVE-2008-0993", "CVE-2007-4990", "CVE-2008-0045", "CVE-2006-3747", "CVE-2007-6421", "CVE-2008-0053", "CVE-2007-5266", "CVE-2007-2445", "CVE-2008-0048", "CVE-2007-6427", "CVE-2007-3847", "CVE-2007-4568", "CVE-2007-1745", "CVE-2007-6388", "CVE-2007-4767", "CVE-2007-6336", "CVE-2007-5000", "CVE-2008-0054", "CVE-2007-4560", "CVE-2008-0996", "CVE-2008-0055", "CVE-2005-3352", "CVE-2007-3725", "CVE-2007-3378", "CVE-2007-5267", "CVE-2008-1000", "CVE-2008-0050", "CVE-2008-0882", "CVE-2007-2799", "CVE-2008-0051", "CVE-2008-0997", "CVE-2008-0044", "CVE-2008-0988", "CVE-2008-0062", "CVE-2007-4766", "CVE-2008-0047", "CVE-2008-0058", "CVE-2005-4077"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2008-002.NASL", "href": "https://www.tenable.com/plugins/nessus/31605", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3004) exit(0);\n\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31605);\n script_version (\"1.38\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\"CVE-2005-3352\", \"CVE-2005-4077\", \"CVE-2006-3334\", \"CVE-2006-3747\", \"CVE-2006-5793\",\n \"CVE-2006-6481\", \"CVE-2007-0897\", \"CVE-2007-0898\", \"CVE-2007-1659\", \"CVE-2007-1660\",\n \"CVE-2007-1661\", \"CVE-2007-1662\", \"CVE-2007-1745\", \"CVE-2007-1997\", \"CVE-2007-2445\",\n \"CVE-2007-2799\", \"CVE-2007-3378\", \"CVE-2007-3725\", \"CVE-2007-3799\", \"CVE-2007-3847\",\n \"CVE-2007-4510\", \"CVE-2007-4560\", \"CVE-2007-4568\", \"CVE-2007-4752\", \"CVE-2007-4766\",\n \"CVE-2007-4767\", \"CVE-2007-4768\", \"CVE-2007-4887\", \"CVE-2007-4990\", \"CVE-2007-5000\",\n \"CVE-2007-5266\", \"CVE-2007-5267\", \"CVE-2007-5268\", \"CVE-2007-5269\", \"CVE-2007-5795\",\n \"CVE-2007-5901\", \"CVE-2007-5958\", \"CVE-2007-5971\", \"CVE-2007-6109\", \"CVE-2007-6203\",\n \"CVE-2007-6335\", \"CVE-2007-6336\", \"CVE-2007-6337\", \"CVE-2007-6388\", \"CVE-2007-6421\",\n \"CVE-2007-6427\", \"CVE-2007-6428\", \"CVE-2007-6429\", \"CVE-2008-0005\", \"CVE-2008-0006\",\n \"CVE-2008-0044\", \"CVE-2008-0045\", \"CVE-2008-0046\", \"CVE-2008-0047\", \"CVE-2008-0048\",\n \"CVE-2008-0049\", \"CVE-2008-0050\", \"CVE-2008-0051\", \"CVE-2008-0052\", \"CVE-2008-0053\",\n \"CVE-2008-0054\", \"CVE-2008-0055\", \"CVE-2008-0056\", \"CVE-2008-0057\", \"CVE-2008-0058\",\n \"CVE-2008-0059\", \"CVE-2008-0060\", \"CVE-2008-0062\", \"CVE-2008-0063\", \"CVE-2008-0318\",\n \"CVE-2008-0596\", \"CVE-2008-0728\", \"CVE-2008-0882\", \"CVE-2008-0987\", \"CVE-2008-0988\",\n \"CVE-2008-0989\", \"CVE-2008-0990\", \"CVE-2008-0992\", \"CVE-2008-0993\", \"CVE-2008-0994\",\n \"CVE-2008-0995\", \"CVE-2008-0996\", \"CVE-2008-0997\", \"CVE-2008-0998\", \"CVE-2008-0999\",\n \"CVE-2008-1000\");\n script_bugtraq_id(19204, 21078, 24268, 25398, 25439, 25489, 25498, 26346, 26750, 26838,\n 26927, 26946, 27234, 27236, 27751, 27988, 28278, 28303, 28304, 28307,\n 28320, 28323, 28334, 28339, 28340, 28341, 28343, 28344, 28345, 28357,\n 28358, 28359, 28363, 28364, 28365, 28367, 28368, 28371, 28371, 28372,\n 28374, 28375, 28384, 28385, 28386, 28387, 28388, 28389);\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2008-002)\");\n script_summary(english:\"Check for the presence of Security Update 2008-002\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a Mac OS X update that fixes various\nsecurity issues.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Mac OS X 10.5 or 10.4 that\ndoes not have the security update 2008-002 applied. \n\nThis update contains several security fixes for a number of programs.\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://docs.info.apple.com/article.html?artnum=307562\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/advisories/14242\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Install Security Update 2008-002 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'ClamAV Milter Blackhole-Mode Remote Code Execution');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 22, 78, 79, 94, 119, 134, 189, 200, 255, 264, 362, 399);\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2008/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value: \"2007/08/24\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2007/06/02\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\", \"Host/uname\");\n exit(0);\n}\n\n\nuname = get_kb_item(\"Host/uname\");\nif (!uname) exit(0);\n\nif (egrep(pattern:\"Darwin.* (8\\.[0-9]\\.|8\\.1[01]\\.)\", string:uname))\n{\n packages = get_kb_item(\"Host/MacOSX/packages\");\n if (!packages) exit(0);\n\n if (!egrep(pattern:\"^SecUpd(Srvr)?(2008-00[2-8]|2009-|20[1-9][0-9]-)\", string:packages))\n security_hole(0);\n}\nelse if (egrep(pattern:\"Darwin.* (9\\.[0-2]\\.)\", string:uname))\n{\n packages = get_kb_item(\"Host/MacOSX/packages/boms\");\n if (!packages) exit(0);\n\n if (!egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.2008\\.002\\.bom\", string:packages))\n security_hole(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
