Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2021 Tenable Network Security, Inc.FEDORA_2015-1437.NASL
HistoryFeb 02, 2015 - 12:00 a.m.

Fedora 20 : clamav-0.98.6-1.fc20 (2015-1437)

2015-02-0200:00:00
This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.
www.tenable.com
11

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.024

Percentile

90.0%

JSON

ClamAV 0.98.6 =============

ClamAV 0.98.6 is a bug fix release correcting the following :

  • library shared object revisions.

    • installation issues on some Mac OS X and FreeBSD platforms.

    • includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd.

    • Fix a heap out of bounds condition with crafted Yoda’s crypter files. This issue was discovered by Felix Groebert of the Google Security Team.

    • Fix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team.

    • Fix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab.

    • Fix a heap out of bounds condition with crafted upack packer files. This issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.

    • Compensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2015-1437.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(81114);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");

  script_cve_id("CVE-2014-9328", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463");
  script_xref(name:"FEDORA", value:"2015-1437");

  script_name(english:"Fedora 20 : clamav-0.98.6-1.fc20 (2015-1437)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"ClamAV 0.98.6 =============

ClamAV 0.98.6 is a bug fix release correcting the following :

  - library shared object revisions.

    - installation issues on some Mac OS X and FreeBSD
      platforms.

    - includes a patch from Sebastian Andrzej Siewior making
      ClamAV pid files compatible with systemd.

    - Fix a heap out of bounds condition with crafted Yoda's
      crypter files. This issue was discovered by Felix
      Groebert of the Google Security Team.

    - Fix a heap out of bounds condition with crafted mew
      packer files. This issue was discovered by Felix
      Groebert of the Google Security Team.

    - Fix a heap out of bounds condition with crafted upx
      packer files. This issue was discovered by Kevin
      Szkudlapski of Quarkslab.

    - Fix a heap out of bounds condition with crafted upack
      packer files. This issue was discovered by Sebastian
      Andrzej Siewior. CVE-2014-9328.

    - Compensate a crash due to incorrect compiler
      optimization when handling crafted petite packer
      files. This issue was discovered by Sebastian Andrzej
      Siewior.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1187050"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?a7c4b96b"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected clamav package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:clamav");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20");

  script_set_attribute(attribute:"patch_publication_date", value:"2015/01/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/02/02");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC20", reference:"clamav-0.98.6-1.fc20")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav");
}
VendorProductVersionCPE
fedoraprojectfedoraclamavp-cpe:/a:fedoraproject:fedora:clamav
fedoraprojectfedora20cpe:/o:fedoraproject:fedora:20

Related

openvas 12
nessus 12
suse 2
gentoo 1
debian 1
osv 1
ubuntucve 4
archlinux 1
prion 4
ubuntu 2
amazon 1
debiancve 4
mageia 1
nvd 4
fedora 2
cve 4
altlinux 3
cvelist 4
securityvulns 2
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:0291-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0298-1)
2021-06-09 00:00:00
SUSE: Security Advisory for clamav (SUSE-SU-2015:0298-1)
2015-10-13 00:00:00
nessus
nessus
SuSE 11.3 Security Update : clamav (SAT Patch Number 10283)
2015-02-17 00:00:00
Fedora 21 : clamav-0.98.6-1.fc21 (2015-1461)
2015-02-02 00:00:00
ClamAV < 0.98.6 Multiple Vulnerabilities
2015-02-03 00:00:00
suse
suse
Security update for clamav (important)
2015-02-13 16:05:18
Security update for clamav (important)
2015-02-17 03:04:56
gentoo
gentoo
ClamAV: Multiple vulnerabilities
2015-12-30 00:00:00
debian
debian
[SECURITY] [DLA 233-1] clamav security and upstream version update
2015-05-29 03:57:22
osv
osv
clamav - security update
2015-05-28 00:00:00
ubuntucve
ubuntucve
CVE-2014-9328
2015-01-29 00:00:00
CVE-2015-1463
2015-02-03 00:00:00
CVE-2015-1461
2015-02-03 00:00:00
archlinux
archlinux
clamav: arbitrary code execution
2015-02-06 00:00:00
prion
prion
Heap overflow
2015-02-03 16:59:00
Heap overflow
2015-02-03 16:59:00
Design/Logic Flaw
2015-02-03 16:59:00
ubuntu
ubuntu
ClamAV vulnerability
2015-02-02 00:00:00
ClamAV vulnerability
2015-02-12 00:00:00
amazon
amazon
Medium: clamav
2015-03-04 15:52:00
debiancve
debiancve
CVE-2014-9328
2015-02-03 16:59:02
CVE-2015-1461
2015-02-03 16:59:33
CVE-2015-1463
2015-02-03 16:59:34
mageia
mageia
Updated clamav packages fix security vulnerabilities
2015-02-10 00:44:14
nvd
nvd
CVE-2014-9328
2015-02-03 16:59:02
CVE-2015-1461
2015-02-03 16:59:33
CVE-2015-1463
2015-02-03 16:59:34
fedora
fedora
[SECURITY] Fedora 20 Update: clamav-0.98.6-1.fc20
2015-01-30 23:53:55
[SECURITY] Fedora 21 Update: clamav-0.98.6-1.fc21
2015-01-30 23:56:42
cve
cve
CVE-2014-9328
2015-02-03 16:59:02
CVE-2015-1461
2015-02-03 16:59:33
CVE-2015-1463
2015-02-03 16:59:34
altlinux
altlinux
Security fix for the ALT Linux 8 package clamav version 0.98.6-alt1
2015-01-28 00:00:00
Security fix for the ALT Linux 10 package clamav version 0.98.6-alt1
2015-01-28 00:00:00
Security fix for the ALT Linux 9 package clamav version 0.98.6-alt1
2015-01-28 00:00:00
cvelist
cvelist
CVE-2014-9328
2015-02-03 16:00:00
CVE-2015-1463
2015-02-03 16:00:00
CVE-2015-1461
2015-02-03 16:00:00
securityvulns
securityvulns
[ MDVSA-2015:042 ] clamav
2015-02-11 00:00:00
ClamAV memory corruptions
2015-02-11 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.024

Percentile

90.0%

JSON
Related for FEDORA_2015-1437.NASL
openvas12nessus12suse2gentoo1debian1osv1ubuntucve4archlinux1prion4ubuntu2amazon1debiancve4mageia1nvd4fedora2cve4altlinux3cvelist4securityvulns2