Fedora 21 : clamav-0.98.6-1.fc21 (2015-1461)

2015-02-02T00:00:00
ID FEDORA_2015-1461.NASL
Type nessus
Reporter Tenable
Modified 2015-10-19T00:00:00

Description

ClamAV 0.98.6 =============

ClamAV 0.98.6 is a bug fix release correcting the following :

  • library shared object revisions.

    • installation issues on some Mac OS X and FreeBSD platforms.

    • includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd.

    • Fix a heap out of bounds condition with crafted Yoda's crypter files. This issue was discovered by Felix Groebert of the Google Security Team.

    • Fix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team.

    • Fix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab.

    • Fix a heap out of bounds condition with crafted upack packer files. This issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.

    • Compensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Fedora Security Advisory 2015-1461.
#

include("compat.inc");

if (description)
{
  script_id(81115);
  script_version("$Revision: 1.4 $");
  script_cvs_date("$Date: 2015/10/19 22:57:26 $");

  script_cve_id("CVE-2014-9328", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463");
  script_xref(name:"FEDORA", value:"2015-1461");

  script_name(english:"Fedora 21 : clamav-0.98.6-1.fc21 (2015-1461)");
  script_summary(english:"Checks rpm output for the updated package.");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Fedora host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"ClamAV 0.98.6 =============

ClamAV 0.98.6 is a bug fix release correcting the following :

  - library shared object revisions.

    - installation issues on some Mac OS X and FreeBSD
      platforms.

    - includes a patch from Sebastian Andrzej Siewior making
      ClamAV pid files compatible with systemd.

    - Fix a heap out of bounds condition with crafted Yoda's
      crypter files. This issue was discovered by Felix
      Groebert of the Google Security Team.

    - Fix a heap out of bounds condition with crafted mew
      packer files. This issue was discovered by Felix
      Groebert of the Google Security Team.

    - Fix a heap out of bounds condition with crafted upx
      packer files. This issue was discovered by Kevin
      Szkudlapski of Quarkslab.

    - Fix a heap out of bounds condition with crafted upack
      packer files. This issue was discovered by Sebastian
      Andrzej Siewior. CVE-2014-9328.

    - Compensate a crash due to incorrect compiler
      optimization when handling crafted petite packer
      files. This issue was discovered by Sebastian Andrzej
      Siewior.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.redhat.com/show_bug.cgi?id=1187050"
  );
  # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?710c5df4"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected clamav package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:clamav");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:21");

  script_set_attribute(attribute:"patch_publication_date", value:"2015/01/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/02/02");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015 Tenable Network Security, Inc.");
  script_family(english:"Fedora Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^21([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 21.x", "Fedora " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

flag = 0;
if (rpm_check(release:"FC21", reference:"clamav-0.98.6-1.fc21")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav");
}