{"id": "MANDRIVA_MDVSA-2015-042.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "Mandriva Linux Security Advisory : clamav (MDVSA-2015:042)", "description": "Updated clamav packages fix security vulnerabilities :\n\nClamAV 0.98.6 is a maintenance release to fix some bugs, some of them being security bugs :\n\nFix a heap out of bounds condition with crafted Yoda's crypter files.\nThis issue was discovered by Felix Groebert of the Google Security Team.\n\nFix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team.\n\nFix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab.\n\nFix a heap out of bounds condition with crafted upack packer files.\nThis issue was discovered by Sebastian Andrzej Siewior (CVE-2014-9328).\n\nCompensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior.", "published": "2015-02-11T00:00:00", "modified": "2021-01-06T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/81283", "reporter": "This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.", "references": ["http://advisories.mageia.org/MGASA-2015-0056.html", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9328"], "cvelist": ["CVE-2014-9328"], "immutableFields": [], "lastseen": "2021-08-19T12:46:54", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2015-486"]}, {"type": "archlinux", "idList": ["ASA-201502-6"]}, {"type": "cve", "idList": ["CVE-2014-9328"]}, {"type": "debian", "idList": ["DEBIAN:DLA-233-1:4B465", "DEBIAN:DLA-233-1:5C34F"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-9328"]}, {"type": "fedora", "idList": ["FEDORA:8A7C660CC868", "FEDORA:AAB9160C453E"]}, {"type": "gentoo", "idList": ["GLSA-201512-08"]}, {"type": "nessus", "idList": ["8826.PRM", "ALA_ALAS-2015-486.NASL", "CLAMAV_0_98_6.NASL", "DEBIAN_DLA-233.NASL", "FEDORA_2015-1437.NASL", "FEDORA_2015-1461.NASL", "GENTOO_GLSA-201512-08.NASL", "MANDRIVA_MDVSA-2015-166.NASL", "OPENSUSE-2015-147.NASL", "SUSE_11_CLAMAV-150206.NASL", "UBUNTU_USN-2488-1.NASL", "UBUNTU_USN-2488-2.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120326", "OPENVAS:1361412562310121430", "OPENVAS:1361412562310842080", "OPENVAS:1361412562310842092", "OPENVAS:1361412562310850635", "OPENVAS:1361412562310850824", "OPENVAS:1361412562310868967", "OPENVAS:1361412562310868970"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31708", "SECURITYVULNS:VULN:14258"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2015:0285-1", "SUSE-SU-2015:0298-1"]}, {"type": "ubuntu", "idList": ["USN-2488-1", "USN-2488-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-9328"]}], "rev": 4}, "score": {"value": 6.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2015-486"]}, {"type": "cve", "idList": ["CVE-2014-9328"]}, {"type": "debian", "idList": ["DEBIAN:DLA-233-1:4B465"]}, {"type": "fedora", "idList": ["FEDORA:8A7C660CC868"]}, {"type": "nessus", "idList": ["CLAMAV_0_98_6.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121430", "OPENVAS:1361412562310868970"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:31708"]}, {"type": "suse", "idList": ["SUSE-SU-2015:0298-1"]}, {"type": "ubuntu", "idList": ["USN-2488-1"]}]}, "exploitation": null, "vulnersScore": 6.5}, "pluginID": "81283", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:042. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81283);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-9328\");\n script_bugtraq_id(72372);\n script_xref(name:\"MDVSA\", value:\"2015:042\");\n\n script_name(english:\"Mandriva Linux Security Advisory : clamav (MDVSA-2015:042)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated clamav packages fix security vulnerabilities :\n\nClamAV 0.98.6 is a maintenance release to fix some bugs, some of them\nbeing security bugs :\n\nFix a heap out of bounds condition with crafted Yoda's crypter files.\nThis issue was discovered by Felix Groebert of the Google Security\nTeam.\n\nFix a heap out of bounds condition with crafted mew packer files. This\nissue was discovered by Felix Groebert of the Google Security Team.\n\nFix a heap out of bounds condition with crafted upx packer files. This\nissue was discovered by Kevin Szkudlapski of Quarkslab.\n\nFix a heap out of bounds condition with crafted upack packer files.\nThis issue was discovered by Sebastian Andrzej Siewior\n(CVE-2014-9328).\n\nCompensate a crash due to incorrect compiler optimization when\nhandling crafted petite packer files. This issue was discovered by\nSebastian Andrzej Siewior.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2015-0056.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamav-db\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamav-milter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64clamav-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64clamav6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"clamav-0.98.6-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"clamav-db-0.98.6-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"clamav-milter-0.98.6-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"clamd-0.98.6-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64clamav-devel-0.98.6-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64clamav6-0.98.6-1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Mandriva Local Security Checks", "cpe": ["p-cpe:/a:mandriva:linux:clamav", "p-cpe:/a:mandriva:linux:clamav-db", "p-cpe:/a:mandriva:linux:clamav-milter", "p-cpe:/a:mandriva:linux:clamd", "p-cpe:/a:mandriva:linux:lib64clamav-devel", "p-cpe:/a:mandriva:linux:lib64clamav6", "cpe:/o:mandriva:business_server:1"], "solution": "Update the affected packages.", "nessusSeverity": "High", "cvssScoreSource": "", "vpr": {"risk factor": "Medium", "score": "5.8"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2015-02-10T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": [], "_state": {"dependencies": 1647589307, "score": 0}}

{"securityvulns": [{"lastseen": "2018-08-31T11:10:57", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2015:042\r\n http://www.mandriva.com/en/support/security/\r\n _______________________________________________________________________\r\n\r\n Package : clamav\r\n Date : February 10, 2015\r\n Affected: Business Server 1.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n Updated clamav packages fix security vulnerabilities:\r\n \r\n ClamAV 0.98.6 is a maintenance release to fix some bugs, some of them\r\n being security bugs:\r\n \r\n Fix a heap out of bounds condition with crafted Yoda&#039;s crypter\r\n files. This issue was discovered by Felix Groebert of the Google\r\n Security Team.\r\n \r\n Fix a heap out of bounds condition with crafted mew packer files. This\r\n issue was discovered by Felix Groebert of the Google Security Team.\r\n \r\n Fix a heap out of bounds condition with crafted upx packer files. This\r\n issue was discovered by Kevin Szkudlapski of Quarkslab.\r\n \r\n Fix a heap out of bounds condition with crafted upack packer\r\n files. This issue was discovered by Sebastian Andrzej Siewior\r\n &#40;CVE-2014-9328&#41;.\r\n \r\n Compensate a crash due to incorrect compiler optimization when handling\r\n crafted petite packer files. This issue was discovered by Sebastian\r\n Andrzej Siewior.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9328\r\n http://advisories.mageia.org/MGASA-2015-0056.html\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Mandriva Business Server 1/X86_64:\r\n 2e3d83c090e1c48f362052c4be25bc99 mbs1/x86_64/clamav-0.98.6-1.mbs1.x86_64.rpm\r\n e7d4cfe60d783ab1ffa694a3eb59e371 mbs1/x86_64/clamav-db-0.98.6-1.mbs1.noarch.rpm\r\n 2c5ab2cda0dc007d18f44615c164f472 mbs1/x86_64/clamav-milter-0.98.6-1.mbs1.x86_64.rpm\r\n de1f295495db4ee384c7ed02943a8037 mbs1/x86_64/clamd-0.98.6-1.mbs1.x86_64.rpm\r\n 0f8c6f040f405f2ec7d618f889d59e28 mbs1/x86_64/lib64clamav6-0.98.6-1.mbs1.x86_64.rpm\r\n fd381197641cd1bd3157c7429ea8adca mbs1/x86_64/lib64clamav-devel-0.98.6-1.mbs1.x86_64.rpm \r\n ea87f5988c481132f27c95cc08620d41 mbs1/SRPMS/clamav-0.98.6-1.mbs1.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/en/support/security/advisories/\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_&#40;at&#41;_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n &lt;security*mandriva.com&gt;\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.12 &#40;GNU/Linux&#41;\r\n\r\niD8DBQFU2hCQmqjQ0CJFipgRAoJLAJ4yHkJAoFUtQjoArquZ5/1gK6STTACghb1g\r\nHkCuR/GqQr67KoEc/ipTfdA=\r\n=pxQv\r\n-----END PGP SIGNATURE-----\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-02-11T00:00:00", "title": "[ MDVSA-2015:042 ] clamav", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-9328"], "modified": "2015-02-11T00:00:00", "id": "SECURITYVULNS:DOC:31708", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31708", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:51:38", "description": "No description provided", "edition": 2, "cvss3": {}, "published": "2015-02-11T00:00:00", "title": "ClamAV memory corruptions", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-9328"], "modified": "2015-02-11T00:00:00", "id": "SECURITYVULNS:VULN:14258", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14258", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "description": "Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. The virus database is based on the virus database from OpenAntiVirus, but contains additional signatures (including signatures for popular polymorphic viruses, too) and is KEPT UP TO DATE. ", "edition": 2, "cvss3": {}, "published": "2015-01-30T23:56:42", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: clamav-0.98.6-1.fc21", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328"], "modified": "2015-01-30T23:56:42", "id": "FEDORA:8A7C660CC868", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. The virus database is based on the virus database from OpenAntiVirus, but contains additional signatures (including signatures for popular polymorphic viruses, too) and is KEPT UP TO DATE. ", "edition": 2, "cvss3": {}, "published": "2015-01-30T23:53:55", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: clamav-0.98.6-1.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328"], "modified": "2015-01-30T23:53:55", "id": "FEDORA:AAB9160C453E", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "amazon": [{"lastseen": "2021-07-25T19:30:24", "description": "**Issue Overview:**\n\nClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a \"heap out of bounds condition.\"\n\n \n**Affected Packages:** \n\n\nclamav\n\n \n**Issue Correction:** \nRun _yum update clamav_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 clamav-update-0.98.6-1.11.amzn1.i686 \n \u00a0\u00a0\u00a0 clamav-db-0.98.6-1.11.amzn1.i686 \n \u00a0\u00a0\u00a0 clamav-server-0.98.6-1.11.amzn1.i686 \n \u00a0\u00a0\u00a0 clamav-debuginfo-0.98.6-1.11.amzn1.i686 \n \u00a0\u00a0\u00a0 clamav-lib-0.98.6-1.11.amzn1.i686 \n \u00a0\u00a0\u00a0 clamd-0.98.6-1.11.amzn1.i686 \n \u00a0\u00a0\u00a0 clamav-0.98.6-1.11.amzn1.i686 \n \u00a0\u00a0\u00a0 clamav-devel-0.98.6-1.11.amzn1.i686 \n \u00a0\u00a0\u00a0 clamav-milter-0.98.6-1.11.amzn1.i686 \n \n noarch: \n \u00a0\u00a0\u00a0 clamav-scanner-0.98.6-1.11.amzn1.noarch \n \u00a0\u00a0\u00a0 clamav-milter-sysvinit-0.98.6-1.11.amzn1.noarch \n \u00a0\u00a0\u00a0 clamav-data-0.98.6-1.11.amzn1.noarch \n \u00a0\u00a0\u00a0 clamav-scanner-sysvinit-0.98.6-1.11.amzn1.noarch \n \u00a0\u00a0\u00a0 clamav-filesystem-0.98.6-1.11.amzn1.noarch \n \u00a0\u00a0\u00a0 clamav-data-empty-0.98.6-1.11.amzn1.noarch \n \u00a0\u00a0\u00a0 clamav-server-sysvinit-0.98.6-1.11.amzn1.noarch \n \n src: \n \u00a0\u00a0\u00a0 clamav-0.98.6-1.11.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 clamav-lib-0.98.6-1.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 clamav-server-0.98.6-1.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 clamav-debuginfo-0.98.6-1.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 clamav-milter-0.98.6-1.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 clamav-0.98.6-1.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 clamav-update-0.98.6-1.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 clamav-db-0.98.6-1.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 clamd-0.98.6-1.11.amzn1.x86_64 \n \u00a0\u00a0\u00a0 clamav-devel-0.98.6-1.11.amzn1.x86_64 \n \n \n", "edition": 2, "cvss3": {}, "published": "2015-03-04T15:52:00", "type": "amazon", "title": "Medium: clamav", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328"], "modified": "2015-03-04T16:11:00", "id": "ALAS-2015-486", "href": "https://alas.aws.amazon.com/ALAS-2015-486.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2022-05-15T07:32:10", "description": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a \"heap out of bounds condition.\"", "cvss3": {}, "published": "2015-02-03T16:59:00", "type": "debiancve", "title": "CVE-2014-9328", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328"], "modified": "2015-02-03T16:59:00", "id": "DEBIANCVE:CVE-2014-9328", "href": "https://security-tracker.debian.org/tracker/CVE-2014-9328", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2022-01-04T12:44:32", "description": "Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled \ncertain upack packer files. An attacker could possibly use this issue to \ncause ClamAV to crash, resulting in a denial of service, or possibly \nexecute arbitrary code.\n", "cvss3": {}, "published": "2015-02-02T00:00:00", "type": "ubuntu", "title": "ClamAV vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328"], "modified": "2015-02-02T00:00:00", "id": "USN-2488-1", "href": "https://ubuntu.com/security/notices/USN-2488-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-04T12:44:08", "description": "USN-2488-1 fixed a vulnerability in ClamAV for Ubuntu 14.10, Ubuntu \n14.04 LTS, and Ubuntu 12.04 LTS. This update provides the corresponding \nupdate for Ubuntu 10.04 LTS.\n\nOriginal advisory details:\n\nSebastian Andrzej Siewior discovered that ClamAV incorrectly handled \ncertain upack packer files. An attacker could possibly use this issue to \ncause ClamAV to crash, resulting in a denial of service, or possibly \nexecute arbitrary code.\n", "cvss3": {}, "published": "2015-02-12T00:00:00", "type": "ubuntu", "title": "ClamAV vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328", "CVE-2013-6497"], "modified": "2015-02-12T00:00:00", "id": "USN-2488-2", "href": "https://ubuntu.com/security/notices/USN-2488-2", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:46", "description": "Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled\ncertain upack packer files. An attacker could possibly use this issue to\ncause ClamAV to crash, resulting in a denial of service, or possibly\nexecute arbitrary code.", "edition": 2, "cvss3": {}, "published": "2015-02-06T00:00:00", "type": "archlinux", "title": "clamav: arbitrary code execution", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328"], "modified": "2015-02-06T00:00:00", "id": "ASA-201502-6", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-February/000229.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-05-29T18:35:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-01-31T00:00:00", "type": "openvas", "title": "Fedora Update for clamav FEDORA-2015-1461", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868967", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868967", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for clamav FEDORA-2015-1461\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868967\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-31 06:02:17 +0100 (Sat, 31 Jan 2015)\");\n script_cve_id(\"CVE-2014-9328\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for clamav FEDORA-2015-1461\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'clamav'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"clamav on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-1461\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.98.6~1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-02-03T00:00:00", "type": "openvas", "title": "Ubuntu Update for clamav USN-2488-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842080", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842080", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for clamav USN-2488-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842080\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-02-03 05:45:46 +0100 (Tue, 03 Feb 2015)\");\n script_cve_id(\"CVE-2014-9328\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Ubuntu Update for clamav USN-2488-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'clamav'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Sebastian Andrzej Siewior discovered that\nClamAV incorrectly handled certain upack packer files. An attacker could possibly\nuse this issue to cause ClamAV to crash, resulting in a denial of service, or\npossibly execute arbitrary code.\");\n script_tag(name:\"affected\", value:\"clamav on Ubuntu 14.10,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2488-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2488-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.10|14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"clamav\", ver:\"0.98.6+dfsg-0ubuntu0.14.10.1\", rls:\"UBUNTU14.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"clamav\", ver:\"0.98.6+dfsg-0ubuntu0.14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"clamav\", ver:\"0.98.6+dfsg-0ubuntu0.12.04.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-01-31T00:00:00", "type": "openvas", "title": "Fedora Update for clamav FEDORA-2015-1437", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868970", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868970", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for clamav FEDORA-2015-1437\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868970\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-31 06:02:22 +0100 (Sat, 31 Jan 2015)\");\n script_cve_id(\"CVE-2014-9328\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for clamav FEDORA-2015-1437\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'clamav'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"clamav on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-1437\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.98.6~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-17T22:59:10", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2015-486)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120326", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120326", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120326\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:23:39 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2015-486)\");\n script_tag(name:\"insight\", value:\"ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a heap out of bounds condition.\");\n script_tag(name:\"solution\", value:\"Run yum update clamav to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2015-486.html\");\n script_cve_id(\"CVE-2014-9328\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"clamav-update\", rpm:\"clamav-update~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-db\", rpm:\"clamav-db~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-server\", rpm:\"clamav-server~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-debuginfo\", rpm:\"clamav-debuginfo~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-lib\", rpm:\"clamav-lib~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamd\", rpm:\"clamd~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-devel\", rpm:\"clamav-devel~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-scanner\", rpm:\"clamav-scanner~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-milter-sysvinit\", rpm:\"clamav-milter-sysvinit~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-data\", rpm:\"clamav-data~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-scanner-sysvinit\", rpm:\"clamav-scanner-sysvinit~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-filesystem\", rpm:\"clamav-filesystem~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-data-empty\", rpm:\"clamav-data-empty~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-server-sysvinit\", rpm:\"clamav-server-sysvinit~0.98.6~1.11.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-02-14T00:00:00", "type": "openvas", "title": "Ubuntu Update for clamav USN-2488-2", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6497", "CVE-2014-9328"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310842092", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842092", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for clamav USN-2488-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842092\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-02-14 05:03:52 +0100 (Sat, 14 Feb 2015)\");\n script_cve_id(\"CVE-2013-6497\", \"CVE-2014-9328\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for clamav USN-2488-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'clamav'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-2488-1 fixed a vulnerability in ClamAV\nfor Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. This update provides the\ncorresponding update for Ubuntu 10.04 LTS.\n\nOriginal advisory details:\n\nSebastian Andrzej Siewior discovered that ClamAV incorrectly handled\ncertain upack packer files. An attacker could possibly use this issue to\ncause ClamAV to crash, resulting in a denial of service, or possibly\nexecute arbitrary code.\");\n script_tag(name:\"affected\", value:\"clamav on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2488-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2488-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"clamav\", ver:\"0.98.6+dfsg-0ubuntu0.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:37:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-02-14T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for clamav (openSUSE-SU-2015:0285-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1463", "CVE-2015-1462", "CVE-2014-9328", "CVE-2015-1461"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850635", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850635", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850635\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-02-14 05:03:08 +0100 (Sat, 14 Feb 2015)\");\n script_cve_id(\"CVE-2014-9328\", \"CVE-2015-1461\", \"CVE-2015-1462\", \"CVE-2015-1463\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for clamav (openSUSE-SU-2015:0285-1)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'clamav'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"clamav was updated to version 0.98.6 that fixes bugs and several security\n issues:\n\n * bsc#916217, CVE-2015-1461: Remote attackers can have unspecified impact\n via Yoda's crypter or mew packer files.\n\n * bsc#916214, CVE-2015-1462: Unspecified impact via acrafted upx packer\n file.\n\n * bsc#916215, CVE-2015-1463: Remote attackers can cause a denial\n of service via a crafted petite packer file.\n\n * bsc#915512, CVE-2014-9328: heap out of bounds condition with crafted\n upack packer files.\");\n\n script_tag(name:\"affected\", value:\"clamav on openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:0285-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.98.6~30.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-debuginfo\", rpm:\"clamav-debuginfo~0.98.6~30.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"clamav-debugsource\", rpm:\"clamav-debugsource~0.98.6~30.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T18:38:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-13T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for clamav (SUSE-SU-2015:0298-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1463", "CVE-2015-1462", "CVE-2014-9328", "CVE-2015-1461"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850824", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850824", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850824\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-13 18:35:01 +0530 (Tue, 13 Oct 2015)\");\n script_cve_id(\"CVE-2014-9328\", \"CVE-2015-1461\", \"CVE-2015-1462\", \"CVE-2015-1463\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for clamav (SUSE-SU-2015:0298-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'clamav'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"clamav was updated to version 0.98.6 to fix four security issues.\n\n These security issues have been fixed:\n\n * CVE-2015-1462: ClamAV allowed remote attackers to have unspecified\n impact via a crafted upx packer file, related to a heap out of\n bounds condition (bnc#916214).\n\n * CVE-2015-1463: ClamAV allowed remote attackers to cause a denial of\n service (crash) via a crafted petite packer file, related to an\n incorrect compiler optimization (bnc#916215).\n\n * CVE-2014-9328: ClamAV allowed remote attackers to have unspecified\n impact via a crafted upack packer file, related to a heap out of\n bounds condition (bnc#915512).\n\n * CVE-2015-1461: ClamAV allowed remote attackers to have unspecified\n impact via a crafted (1) Yoda's crypter or (2) mew packer file,\n related to a heap out of bounds condition (bnc#916217).\");\n\n script_tag(name:\"affected\", value:\"clamav on SUSE Linux Enterprise Server 11 SP3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:0298-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP3\") {\n if(!isnull(res = isrpmvuln(pkg:\"clamav\", rpm:\"clamav~0.98.6~0.6.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:56", "description": "Gentoo Linux Local Security Checks GLSA 201512-08", "cvss3": {}, "published": "2015-12-31T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201512-08", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-2221", "CVE-2015-2222", "CVE-2015-1463", "CVE-2015-2668", "CVE-2015-2170", "CVE-2015-1462", "CVE-2014-9328", "CVE-2015-1461"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121430", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121430", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201512-08.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121430\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-12-31 11:46:02 +0200 (Thu, 31 Dec 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201512-08\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201512-08\");\n script_cve_id(\"CVE-2014-9328\", \"CVE-2015-1461\", \"CVE-2015-1462\", \"CVE-2015-1463\", \"CVE-2015-2170\", \"CVE-2015-2221\", \"CVE-2015-2222\", \"CVE-2015-2668\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201512-08\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"app-antivirus/clamav\", unaffected: make_list(\"ge 0.98.7\"), vulnerable: make_list(\"lt 0.98.7\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2022-03-23T15:23:21", "description": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a \"heap out of bounds condition.\"", "cvss3": {}, "published": "2015-02-03T16:59:00", "type": "cve", "title": "CVE-2014-9328", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328"], "modified": "2017-01-03T02:59:00", "cpe": ["cpe:/o:fedoraproject:fedora:20", "cpe:/a:clamav:clamav:0.98.5", "cpe:/o:fedoraproject:fedora:21"], "id": "CVE-2014-9328", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9328", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", "cpe:2.3:a:clamav:clamav:0.98.5:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-08-19T12:47:12", "description": "Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-02-03T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : clamav vulnerability (USN-2488-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:clamav", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:14.10"], "id": "UBUNTU_USN-2488-1.NASL", "href": "https://www.tenable.com/plugins/nessus/81144", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2488-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81144);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9328\");\n script_bugtraq_id(72372);\n script_xref(name:\"USN\", value:\"2488-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : clamav vulnerability (USN-2488-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled\ncertain upack packer files. An attacker could possibly use this issue\nto cause ClamAV to crash, resulting in a denial of service, or\npossibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2488-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected clamav package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/02/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|14\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 14.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"clamav\", pkgver:\"0.98.6+dfsg-0ubuntu0.12.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"clamav\", pkgver:\"0.98.6+dfsg-0ubuntu0.14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.10\", pkgname:\"clamav\", pkgver:\"0.98.6+dfsg-0ubuntu0.14.10.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"clamav\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T01:41:58", "description": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upack packer file, related to a 'heap out of bounds condition.'", "cvss3": {"score": null, "vector": null}, "published": "2015-03-09T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : clamav (ALAS-2015-486)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:clamav", "p-cpe:/a:amazon:linux:clamav-data", "p-cpe:/a:amazon:linux:clamav-data-empty", "p-cpe:/a:amazon:linux:clamav-db", "p-cpe:/a:amazon:linux:clamav-debuginfo", "p-cpe:/a:amazon:linux:clamav-devel", "p-cpe:/a:amazon:linux:clamav-filesystem", "p-cpe:/a:amazon:linux:clamav-lib", "p-cpe:/a:amazon:linux:clamav-milter", "p-cpe:/a:amazon:linux:clamav-milter-sysvinit", "p-cpe:/a:amazon:linux:clamav-scanner", "p-cpe:/a:amazon:linux:clamav-scanner-sysvinit", "p-cpe:/a:amazon:linux:clamav-server", "p-cpe:/a:amazon:linux:clamav-server-sysvinit", "p-cpe:/a:amazon:linux:clamav-update", "p-cpe:/a:amazon:linux:clamd", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2015-486.NASL", "href": "https://www.tenable.com/plugins/nessus/81674", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2015-486.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81674);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-9328\");\n script_xref(name:\"ALAS\", value:\"2015-486\");\n\n script_name(english:\"Amazon Linux AMI : clamav (ALAS-2015-486)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ClamAV before 0.98.6 allows remote attackers to have unspecified\nimpact via a crafted upack packer file, related to a 'heap out of\nbounds condition.'\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2015-486.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update clamav' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-data-empty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-db\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-filesystem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-lib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-milter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-milter-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-scanner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-scanner-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-server-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamav-update\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:clamd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"clamav-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-data-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-data-empty-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-db-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-debuginfo-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-devel-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-filesystem-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-lib-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-milter-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-milter-sysvinit-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-scanner-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-scanner-sysvinit-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-server-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-server-sysvinit-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamav-update-0.98.6-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"clamd-0.98.6-1.11.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"clamav / clamav-data / clamav-data-empty / clamav-db / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:46:54", "description": "USN-2488-1 fixed a vulnerability in ClamAV for Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. This update provides the corresponding update for Ubuntu 10.04 LTS.\n\nSebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-02-13T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS : clamav vulnerability (USN-2488-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6497", "CVE-2014-9328"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:clamav", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts"], "id": "UBUNTU_USN-2488-2.NASL", "href": "https://www.tenable.com/plugins/nessus/81341", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2488-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81341);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-6497\", \"CVE-2014-9328\");\n script_bugtraq_id(71178, 72372);\n script_xref(name:\"USN\", value:\"2488-2\");\n\n script_name(english:\"Ubuntu 10.04 LTS : clamav vulnerability (USN-2488-2)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-2488-1 fixed a vulnerability in ClamAV for Ubuntu 14.10, Ubuntu\n14.04 LTS, and Ubuntu 12.04 LTS. This update provides the\ncorresponding update for Ubuntu 10.04 LTS.\n\nSebastian Andrzej Siewior discovered that ClamAV incorrectly handled\ncertain upack packer files. An attacker could possibly use this issue\nto cause ClamAV to crash, resulting in a denial of service, or\npossibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2488-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected clamav package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"clamav\", pkgver:\"0.98.6+dfsg-0ubuntu0.10.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"clamav\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:46:50", "description": "clamav was updated to version 0.98.6 to fix four security issues.\n\nThese security issues have been fixed :\n\n - ClamAV allowed remote attackers to have unspecified impact via a crafted upx packer file, related to a heap out of bounds condition. (bnc#916214). (CVE-2015-1462)\n\n - ClamAV allowed remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an incorrect compiler optimization.\n (bnc#916215). (CVE-2015-1463)\n\n - ClamAV allowed remote attackers to have unspecified impact via a crafted upack packer file, related to a heap out of bounds condition. (bnc#915512).\n (CVE-2014-9328)\n\n - ClamAV allowed remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a heap out of bounds condition.\n (bnc#916217). (CVE-2015-1461)", "cvss3": {"score": null, "vector": null}, "published": "2015-02-17T00:00:00", "type": "nessus", "title": "SuSE 11.3 Security Update : clamav (SAT Patch Number 10283)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:clamav", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_CLAMAV-150206.NASL", "href": "https://www.tenable.com/plugins/nessus/81389", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81389);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2014-9328\", \"CVE-2015-1461\", \"CVE-2015-1462\", \"CVE-2015-1463\");\n\n script_name(english:\"SuSE 11.3 Security Update : clamav (SAT Patch Number 10283)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"clamav was updated to version 0.98.6 to fix four security issues.\n\nThese security issues have been fixed :\n\n - ClamAV allowed remote attackers to have unspecified\n impact via a crafted upx packer file, related to a heap\n out of bounds condition. (bnc#916214). (CVE-2015-1462)\n\n - ClamAV allowed remote attackers to cause a denial of\n service (crash) via a crafted petite packer file,\n related to an incorrect compiler optimization.\n (bnc#916215). (CVE-2015-1463)\n\n - ClamAV allowed remote attackers to have unspecified\n impact via a crafted upack packer file, related to a\n heap out of bounds condition. (bnc#915512).\n (CVE-2014-9328)\n\n - ClamAV allowed remote attackers to have unspecified\n impact via a crafted (1) Yoda's crypter or (2) mew\n packer file, related to a heap out of bounds condition.\n (bnc#916217). (CVE-2015-1461)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=915512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=916214\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=916215\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=916217\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-9328.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2015-1461.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2015-1462.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2015-1463.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 10283.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"clamav-0.98.6-0.6.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"clamav-0.98.6-0.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"clamav-0.98.6-0.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:01", "description": "ClamAV 0.98.6 =============\n\nClamAV 0.98.6 is a bug fix release correcting the following :\n\n - library shared object revisions.\n\n - installation issues on some Mac OS X and FreeBSD platforms.\n\n - includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd.\n\n - Fix a heap out of bounds condition with crafted Yoda's crypter files. This issue was discovered by Felix Groebert of the Google Security Team.\n\n - Fix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team.\n\n - Fix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab.\n\n - Fix a heap out of bounds condition with crafted upack packer files. This issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.\n\n - Compensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-02-02T00:00:00", "type": "nessus", "title": "Fedora 20 : clamav-0.98.6-1.fc20 (2015-1437)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:clamav", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2015-1437.NASL", "href": "https://www.tenable.com/plugins/nessus/81114", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-1437.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81114);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-9328\", \"CVE-2015-1461\", \"CVE-2015-1462\", \"CVE-2015-1463\");\n script_xref(name:\"FEDORA\", value:\"2015-1437\");\n\n script_name(english:\"Fedora 20 : clamav-0.98.6-1.fc20 (2015-1437)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ClamAV 0.98.6 =============\n\nClamAV 0.98.6 is a bug fix release correcting the following :\n\n - library shared object revisions.\n\n - installation issues on some Mac OS X and FreeBSD\n platforms.\n\n - includes a patch from Sebastian Andrzej Siewior making\n ClamAV pid files compatible with systemd.\n\n - Fix a heap out of bounds condition with crafted Yoda's\n crypter files. This issue was discovered by Felix\n Groebert of the Google Security Team.\n\n - Fix a heap out of bounds condition with crafted mew\n packer files. This issue was discovered by Felix\n Groebert of the Google Security Team.\n\n - Fix a heap out of bounds condition with crafted upx\n packer files. This issue was discovered by Kevin\n Szkudlapski of Quarkslab.\n\n - Fix a heap out of bounds condition with crafted upack\n packer files. This issue was discovered by Sebastian\n Andrzej Siewior. CVE-2014-9328.\n\n - Compensate a crash due to incorrect compiler\n optimization when handling crafted petite packer\n files. This issue was discovered by Sebastian Andrzej\n Siewior.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1187050\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/148950.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a7c4b96b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected clamav package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"clamav-0.98.6-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"clamav\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:15", "description": "According to its version, the ClamAV clamd antivirus daemon on the remote host is prior to 0.98.6. It is, therefore, affected by the following vulnerabilities :\n\n - An out-of-bounds access flaw exists in the unupack() function that is triggered when parsing a specially crafted Upack packer file. A remote attacker can exploit this to crash the application, resulting in a denial of service condition. (CVE-2014-9328)\n\n - An out-of-bounds access flaw exists that is triggered when parsing maliciously crafted Yoda Crypter and MEW packer files. A remote attacker can exploit this to crash the application, resulting in a denial of service condition. (CVE-2015-1461) \n - An out-of-bounds access flaw exists that is triggered when parsing a specially crafted UPX packer file. A remote attacker can exploit this to crash the application, resulting in a denial of service condition.\n (CVE-2015-1462)\n\n - A signedness flaw exists in the petite_inflate2x_1to9() function in 'libclamav/petite.c' that allows a remote attacker with a specially crafted petite packer file to cause a denial of service. (CVE-2015-1463)\n\n - An integer overflow condition exists in upx.c due to improper validation of user-supplied input when scanning EXE files. An attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.", "cvss3": {"score": null, "vector": null}, "published": "2015-02-03T00:00:00", "type": "nessus", "title": "ClamAV < 0.98.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463"], "modified": "2019-11-25T00:00:00", "cpe": ["cpe:/a:clamav:clamav"], "id": "CLAMAV_0_98_6.NASL", "href": "https://www.tenable.com/plugins/nessus/81147", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(81147);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/11/25\");\n\n script_cve_id(\n \"CVE-2014-9328\",\n \"CVE-2015-1461\",\n \"CVE-2015-1462\",\n \"CVE-2015-1463\"\n );\n script_bugtraq_id(\n 72372,\n 72641,\n 72652,\n 72654\n );\n\n script_name(english:\"ClamAV < 0.98.6 Multiple Vulnerabilities\");\n script_summary(english:\"Checks the response to a clamd VERSION command.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The antivirus service running on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the ClamAV clamd antivirus daemon on the\nremote host is prior to 0.98.6. It is, therefore, affected by the\nfollowing vulnerabilities :\n\n - An out-of-bounds access flaw exists in the unupack()\n function that is triggered when parsing a specially\n crafted Upack packer file. A remote attacker can exploit\n this to crash the application, resulting in a denial of\n service condition. (CVE-2014-9328)\n\n - An out-of-bounds access flaw exists that is triggered\n when parsing maliciously crafted Yoda Crypter and MEW\n packer files. A remote attacker can exploit this to\n crash the application, resulting in a denial of service\n condition. (CVE-2015-1461)\n \n - An out-of-bounds access flaw exists that is triggered\n when parsing a specially crafted UPX packer file. A\n remote attacker can exploit this to crash the\n application, resulting in a denial of service condition.\n (CVE-2015-1462)\n\n - A signedness flaw exists in the petite_inflate2x_1to9()\n function in 'libclamav/petite.c' that allows a remote\n attacker with a specially crafted petite packer file\n to cause a denial of service. (CVE-2015-1463)\n\n - An integer overflow condition exists in upx.c due to\n improper validation of user-supplied input when scanning\n EXE files. An attacker can exploit this to cause a\n heap-based buffer overflow, resulting in a denial of\n service condition or the execution of arbitrary code.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://blog.clamav.net/2015/01/clamav-0986-has-been-released.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://seclists.org/oss-sec/2015/q1/344\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.clamav.net/show_bug.cgi?id=11213\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to ClamAV 0.98.6 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-1462\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/03\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:clamav:clamav\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"clamav_detect.nasl\");\n script_require_keys(\"Antivirus/ClamAV/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"Antivirus/ClamAV/version\");\nport = get_service(svc:\"clamd\", default:3310, exit_on_fail:TRUE);\n\n# nb: banner checks of open source software are prone to false-\n# positives so only run the check if reporting is paranoid.\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# Check the version number.\nver = split(version, sep:'.', keep:FALSE);\nfor (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n# Affected :\n# 0.x < 0.98.6\n# 0.98.6beta\\d\n# 0.98.6rc\\d\nif (\n (ver[0] == 0 && ver[1] < 98) ||\n (ver[0] == 0 && ver[1] == 98 && ver[2] < 6) ||\n version =~ \"^0\\.98\\.6-(beta|rc)\\d($|[^0-9])\"\n)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Installed version : ' + version +\n '\\n Fixed version : 0.98.6' +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"ClamAV\", port, version);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:47:08", "description": "ClamAV 0.98.6 =============\n\nClamAV 0.98.6 is a bug fix release correcting the following :\n\n - library shared object revisions.\n\n - installation issues on some Mac OS X and FreeBSD platforms.\n\n - includes a patch from Sebastian Andrzej Siewior making ClamAV pid files compatible with systemd.\n\n - Fix a heap out of bounds condition with crafted Yoda's crypter files. This issue was discovered by Felix Groebert of the Google Security Team.\n\n - Fix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team.\n\n - Fix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab.\n\n - Fix a heap out of bounds condition with crafted upack packer files. This issue was discovered by Sebastian Andrzej Siewior. CVE-2014-9328.\n\n - Compensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-02-02T00:00:00", "type": "nessus", "title": "Fedora 21 : clamav-0.98.6-1.fc21 (2015-1461)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:clamav", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-1461.NASL", "href": "https://www.tenable.com/plugins/nessus/81115", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-1461.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81115);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-9328\", \"CVE-2015-1461\", \"CVE-2015-1462\", \"CVE-2015-1463\");\n script_xref(name:\"FEDORA\", value:\"2015-1461\");\n\n script_name(english:\"Fedora 21 : clamav-0.98.6-1.fc21 (2015-1461)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ClamAV 0.98.6 =============\n\nClamAV 0.98.6 is a bug fix release correcting the following :\n\n - library shared object revisions.\n\n - installation issues on some Mac OS X and FreeBSD\n platforms.\n\n - includes a patch from Sebastian Andrzej Siewior making\n ClamAV pid files compatible with systemd.\n\n - Fix a heap out of bounds condition with crafted Yoda's\n crypter files. This issue was discovered by Felix\n Groebert of the Google Security Team.\n\n - Fix a heap out of bounds condition with crafted mew\n packer files. This issue was discovered by Felix\n Groebert of the Google Security Team.\n\n - Fix a heap out of bounds condition with crafted upx\n packer files. This issue was discovered by Kevin\n Szkudlapski of Quarkslab.\n\n - Fix a heap out of bounds condition with crafted upack\n packer files. This issue was discovered by Sebastian\n Andrzej Siewior. CVE-2014-9328.\n\n - Compensate a crash due to incorrect compiler\n optimization when handling crafted petite packer\n files. This issue was discovered by Sebastian Andrzej\n Siewior.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1187050\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-January/148958.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?710c5df4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected clamav package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"clamav-0.98.6-1.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"clamav\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:44:55", "description": "Versions of ClamAV earlier than 0.98.6 are potentially affected by the following vulnerabilities : \n\n - An out-of-bounds access flaw exists in the 'unupack()' function that is triggered when parsing a specially crafted Upack packer file. A remote attacker can exploit this to crash the application, resulting in a denial of service condition. (CVE-2014-9328)\n - An out-of-bounds access flaw exists that is triggered when parsing maliciously crafted Yoda Crypter and MEWpacker files. A remote attacker can exploit this to crash the application, resulting in a denial of service condition. (CVE-2015-1461)\n - An out-of-bounds access flaw exists that is triggered when parsing a specially crafted UPX packer file. A remote attacker can exploit this to crash the application, resulting in a denial of service condition. (CVE-2015-1462)\n - A signedness flaw exists in the 'petite_inflate2x_1to9()' function in 'libclamav/petite.c' that allows a remote attacker with a specially crafted petite packer file to cause a denial of service. (CVE-2015-1463)\n - An integer overflow condition exists in 'upx.c' due to improper validation of user-supplied input when scanning EXE files. An attacker can exploit this to cause a heap-based buffer overflow, resulting in a denial of service condition or the execution of arbitrary code.", "cvss3": {"score": 7.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "published": "2015-07-24T00:00:00", "type": "nessus", "title": "ClamAV < 0.98.6 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328", "CVE-2015-1462", "CVE-2015-1463", "CVE-2015-1461"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:cisco:clamav:*:*:*:*:*:*:*:*"], "id": "8826.PRM", "href": "https://www.tenable.com/plugins/nnm/8826", "sourceData": "Binary data 8826.prm", "cvss": {"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:46:49", "description": "clamav was updated to version 0.98.6 that fixes bugs and several security issues :\n\n - bsc#916217, CVE-2015-1461: Remote attackers can have unspecified impact via Yoda's crypter or mew packer files.\n\n - bsc#916214, CVE-2015-1462: Unspecified impact via acrafted upx packer file.\n\n - bsc#916215, CVE-2015-1463: Remote attackers can cause a denial of service via a crafted petite packer file.\n\n - bsc#915512, CVE-2014-9328: heap out of bounds condition with crafted upack packer files.", "cvss3": {"score": null, "vector": null}, "published": "2015-02-16T00:00:00", "type": "nessus", "title": "openSUSE Security Update : clamav (openSUSE-2015-147)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:clamav", "p-cpe:/a:novell:opensuse:clamav-debuginfo", "p-cpe:/a:novell:opensuse:clamav-debugsource", "cpe:/o:novell:opensuse:13.1", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2015-147.NASL", "href": "https://www.tenable.com/plugins/nessus/81372", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2015-147.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81372);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-9328\", \"CVE-2015-1461\", \"CVE-2015-1462\", \"CVE-2015-1463\");\n\n script_name(english:\"openSUSE Security Update : clamav (openSUSE-2015-147)\");\n script_summary(english:\"Check for the openSUSE-2015-147 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"clamav was updated to version 0.98.6 that fixes bugs and several\nsecurity issues :\n\n - bsc#916217, CVE-2015-1461: Remote attackers can have\n unspecified impact via Yoda's crypter or mew packer\n files.\n\n - bsc#916214, CVE-2015-1462: Unspecified impact via\n acrafted upx packer file.\n\n - bsc#916215, CVE-2015-1463: Remote attackers can cause a\n denial of service via a crafted petite packer file.\n\n - bsc#915512, CVE-2014-9328: heap out of bounds condition\n with crafted upack packer files.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=915512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=916214\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=916215\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=916217\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected clamav packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:clamav-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:clamav-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/02/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1|SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1 / 13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"clamav-0.98.6-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"clamav-debuginfo-0.98.6-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"clamav-debugsource-0.98.6-30.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"clamav-0.98.6-2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"clamav-debuginfo-0.98.6-2.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"clamav-debugsource-0.98.6-2.13.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"clamav / clamav-debuginfo / clamav-debugsource\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T14:56:00", "description": "Updated clamav packages fix security vulnerabilities :\n\nClamAV 0.98.6 is a maintenance release to fix some bugs, some of them being security bugs :\n\nCertain JavaScript files causes ClamAV to segfault when scanned with the -a (list archived files) (CVE-2013-6497).\n\nA heap buffer overflow was reported in ClamAV when scanning a specially crafted y0da Crypter obfuscated PE file (CVE-2014-9050).\n\nFix a heap out of bounds condition with crafted Yoda's crypter files.\nThis issue was discovered by Felix Groebert of the Google Security Team.\n\nFix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team.\n\nFix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab.\n\nFix a heap out of bounds condition with crafted upack packer files.\nThis issue was discovered by Sebastian Andrzej Siewior (CVE-2014-9328).\n\nCompensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior.", "cvss3": {"score": null, "vector": null}, "published": "2015-03-30T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : clamav (MDVSA-2015:166)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6497", "CVE-2014-6497", "CVE-2014-9050", "CVE-2014-9328"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:clamav", "p-cpe:/a:mandriva:linux:clamav-db", "p-cpe:/a:mandriva:linux:clamav-milter", "p-cpe:/a:mandriva:linux:clamd", "p-cpe:/a:mandriva:linux:lib64clamav-devel", "p-cpe:/a:mandriva:linux:lib64clamav6", "cpe:/o:mandriva:business_server:2"], "id": "MANDRIVA_MDVSA-2015-166.NASL", "href": "https://www.tenable.com/plugins/nessus/82419", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2015:166. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(82419);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-6497\", \"CVE-2014-9050\", \"CVE-2014-9328\");\n script_xref(name:\"MDVSA\", value:\"2015:166\");\n\n script_name(english:\"Mandriva Linux Security Advisory : clamav (MDVSA-2015:166)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated clamav packages fix security vulnerabilities :\n\nClamAV 0.98.6 is a maintenance release to fix some bugs, some of them\nbeing security bugs :\n\nCertain JavaScript files causes ClamAV to segfault when scanned with\nthe -a (list archived files) (CVE-2013-6497).\n\nA heap buffer overflow was reported in ClamAV when scanning a\nspecially crafted y0da Crypter obfuscated PE file (CVE-2014-9050).\n\nFix a heap out of bounds condition with crafted Yoda's crypter files.\nThis issue was discovered by Felix Groebert of the Google Security\nTeam.\n\nFix a heap out of bounds condition with crafted mew packer files. This\nissue was discovered by Felix Groebert of the Google Security Team.\n\nFix a heap out of bounds condition with crafted upx packer files. This\nissue was discovered by Kevin Szkudlapski of Quarkslab.\n\nFix a heap out of bounds condition with crafted upack packer files.\nThis issue was discovered by Sebastian Andrzej Siewior\n(CVE-2014-9328).\n\nCompensate a crash due to incorrect compiler optimization when\nhandling crafted petite packer files. This issue was discovered by\nSebastian Andrzej Siewior.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2014-0487.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2015-0056.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamav-db\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamav-milter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:clamd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64clamav-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64clamav6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"clamav-0.98.6-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", reference:\"clamav-db-0.98.6-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"clamav-milter-0.98.6-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"clamd-0.98.6-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64clamav-devel-0.98.6-1.mbs2\")) flag++;\nif (rpm_check(release:\"MDK-MBS2\", cpu:\"x86_64\", reference:\"lib64clamav6-0.98.6-1.mbs2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:43:48", "description": "The remote host is affected by the vulnerability described in GLSA-201512-08 (ClamAV: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could cause ClamAV to scan a specially crafted file, possibly resulting in a Denial of Service condition or other unspecified impact.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2016-01-04T00:00:00", "type": "nessus", "title": "GLSA-201512-08 : ClamAV: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463", "CVE-2015-2170", "CVE-2015-2221", "CVE-2015-2222", "CVE-2015-2668"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:clamav", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201512-08.NASL", "href": "https://www.tenable.com/plugins/nessus/87708", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201512-08.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87708);\n script_version(\"2.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-9328\", \"CVE-2015-1461\", \"CVE-2015-1462\", \"CVE-2015-1463\", \"CVE-2015-2170\", \"CVE-2015-2221\", \"CVE-2015-2222\", \"CVE-2015-2668\");\n script_xref(name:\"GLSA\", value:\"201512-08\");\n\n script_name(english:\"GLSA-201512-08 : ClamAV: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201512-08\n(ClamAV: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in ClamAV. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could cause ClamAV to scan a specially crafted file,\n possibly resulting in a Denial of Service condition or other unspecified\n impact.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201512-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ClamAV users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-antivirus/clamav-0.98.7'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-antivirus/clamav\", unaffected:make_list(\"ge 0.98.7\"), vulnerable:make_list(\"lt 0.98.7\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ClamAV\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T15:00:30", "description": "Upstream published version 0.98.7. This update updates sqeeze-lts to the latest upstream release in line with the approach used for other Debian releases.\n\nThe changes are not strictly required for operation, but users of the previous version in Squeeze may not be able to make use of all current virus signatures and might get warnings.\n\nThe bug fixes that are part of this release include security fixes related to packed or crypted files (CVE-2014-9328, CVE-2015-1461, CVE-2015-1462, CVE-2015-1463, CVE-2015-2170, CVE-2015-2221, CVE-2015-2222, and CVE-2015-2668) and several fixes to the embedded libmspack library, including a potential infinite loop in the Quantum decoder (CVE-2014-9556).\n\nIf you use clamav, we strongly recommend that you upgrade to this version.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-05-29T00:00:00", "type": "nessus", "title": "Debian DLA-233-1 : clamav security and upstream version update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9328", "CVE-2014-9556", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463", "CVE-2015-2170", "CVE-2015-2221", "CVE-2015-2222", "CVE-2015-2668"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:clamav", "p-cpe:/a:debian:debian_linux:clamav-base", "p-cpe:/a:debian:debian_linux:clamav-daemon", "p-cpe:/a:debian:debian_linux:clamav-dbg", "p-cpe:/a:debian:debian_linux:clamav-docs", "p-cpe:/a:debian:debian_linux:clamav-freshclam", "p-cpe:/a:debian:debian_linux:clamav-milter", "p-cpe:/a:debian:debian_linux:clamav-testfiles", "p-cpe:/a:debian:debian_linux:libclamav-dev", "p-cpe:/a:debian:debian_linux:libclamav6", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-233.NASL", "href": "https://www.tenable.com/plugins/nessus/83888", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-233-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83888);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-9328\", \"CVE-2015-1461\", \"CVE-2015-1462\", \"CVE-2015-1463\", \"CVE-2015-2170\", \"CVE-2015-2221\", \"CVE-2015-2222\", \"CVE-2015-2668\");\n script_bugtraq_id(72372, 72641, 72652, 72654, 74443, 74472);\n\n script_name(english:\"Debian DLA-233-1 : clamav security and upstream version update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upstream published version 0.98.7. This update updates sqeeze-lts to\nthe latest upstream release in line with the approach used for other\nDebian releases.\n\nThe changes are not strictly required for operation, but users of the\nprevious version in Squeeze may not be able to make use of all current\nvirus signatures and might get warnings.\n\nThe bug fixes that are part of this release include security fixes\nrelated to packed or crypted files (CVE-2014-9328, CVE-2015-1461,\nCVE-2015-1462, CVE-2015-1463, CVE-2015-2170, CVE-2015-2221,\nCVE-2015-2222, and CVE-2015-2668) and several fixes to the embedded\nlibmspack library, including a potential infinite loop in the Quantum\ndecoder (CVE-2014-9556).\n\nIf you use clamav, we strongly recommend that you upgrade to this\nversion.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/05/msg00017.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/clamav\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:clamav\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:clamav-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:clamav-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:clamav-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:clamav-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:clamav-freshclam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:clamav-milter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:clamav-testfiles\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libclamav-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libclamav6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"clamav\", reference:\"0.98.7+dfsg-0+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"clamav-base\", reference:\"0.98.7+dfsg-0+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"clamav-daemon\", reference:\"0.98.7+dfsg-0+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"clamav-dbg\", reference:\"0.98.7+dfsg-0+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"clamav-docs\", reference:\"0.98.7+dfsg-0+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"clamav-freshclam\", reference:\"0.98.7+dfsg-0+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"clamav-milter\", reference:\"0.98.7+dfsg-0+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"clamav-testfiles\", reference:\"0.98.7+dfsg-0+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libclamav-dev\", reference:\"0.98.7+dfsg-0+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libclamav6\", reference:\"0.98.7+dfsg-0+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:50:23", "description": "ClamAV before 0.98.6 allows remote attackers to have unspecified impact via\na crafted upack packer file, related to a \"heap out of bounds condition.\"", "cvss3": {}, "published": "2015-01-29T00:00:00", "type": "ubuntucve", "title": "CVE-2014-9328", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328"], "modified": "2015-01-29T00:00:00", "id": "UB:CVE-2014-9328", "href": "https://ubuntu.com/security/CVE-2014-9328", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "ClamAV 0.98.6 is a maintenance release to fix some bugs, some of them being security bugs: Fix a heap out of bounds condition with crafted Yoda's crypter files. This issue was discovered by Felix Groebert of the Google Security Team. Fix a heap out of bounds condition with crafted mew packer files. This issue was discovered by Felix Groebert of the Google Security Team. Fix a heap out of bounds condition with crafted upx packer files. This issue was discovered by Kevin Szkudlapski of Quarkslab. Fix a heap out of bounds condition with crafted upack packer files. This issue was discovered by Sebastian Andrzej Siewior (CVE-2014-9328). Compensate a crash due to incorrect compiler optimization when handling crafted petite packer files. This issue was discovered by Sebastian Andrzej Siewior. \n", "cvss3": {}, "published": "2015-02-09T21:44:14", "type": "mageia", "title": "Updated clamav packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328"], "modified": "2015-02-09T21:44:14", "id": "MGASA-2015-0056", "href": "https://advisories.mageia.org/MGASA-2015-0056.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2016-09-04T12:03:49", "description": "clamav was updated to version 0.98.6 to fix four security issues.\n\n These security issues have been fixed:\n\n * CVE-2015-1462: ClamAV allowed remote attackers to have unspecified\n impact via a crafted upx packer file, related to a heap out of\n bounds condition (bnc#916214).\n * CVE-2015-1463: ClamAV allowed remote attackers to cause a denial of\n service (crash) via a crafted petite packer file, related to an\n incorrect compiler optimization (bnc#916215).\n * CVE-2014-9328: ClamAV allowed remote attackers to have unspecified\n impact via a crafted upack packer file, related to a heap out of\n bounds condition (bnc#915512).\n * CVE-2015-1461: ClamAV allowed remote attackers to have unspecified\n impact via a crafted (1) Yoda's crypter or (2) mew packer file,\n related to a heap out of bounds condition (bnc#916217).\n\n Security Issues:\n\n * CVE-2015-1462\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1462\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1462</a>&gt;\n * CVE-2014-9328\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9328\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9328</a>&gt;\n * CVE-2015-1463\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1463\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1463</a>&gt;\n * CVE-2015-1461\n &lt;<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1461\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1461</a>&gt;\n\n", "cvss3": {}, "published": "2015-02-17T03:04:56", "type": "suse", "title": "Security update for clamav (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-1463", "CVE-2015-1462", "CVE-2014-9328", "CVE-2015-1461"], "modified": "2015-02-17T03:04:56", "id": "SUSE-SU-2015:0298-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00020.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2016-09-04T11:39:50", "description": "clamav was updated to version 0.98.6 that fixes bugs and several security\n issues:\n\n * bsc#916217, CVE-2015-1461: Remote attackers can have unspecified impact\n via Yoda's crypter or mew packer files.\n * bsc#916214, CVE-2015-1462: Unspecified impact via acrafted upx packer\n file.\n * bsc#916215, CVE-2015-1463: Remote attackers can cause a denial\n of service via a crafted petite packer file.\n * bsc#915512, CVE-2014-9328: heap out of bounds condition with crafted\n upack packer files.\n\n", "cvss3": {}, "published": "2015-02-13T16:05:18", "type": "suse", "title": "Security update for clamav (important)", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2015-1463", "CVE-2015-1462", "CVE-2014-9328", "CVE-2015-1461"], "modified": "2015-02-13T16:05:18", "id": "OPENSUSE-SU-2015:0285-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00014.html", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2022-01-17T19:06:46", "description": "### Background\n\nClamAV is a GPL virus scanner.\n\n### Description\n\nMultiple vulnerabilities have been discovered in ClamAV. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could cause ClamAV to scan a specially crafted file, possibly resulting in a Denial of Service condition or other unspecified impact. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll ClamAV users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-antivirus/clamav-0.98.7\"", "cvss3": {}, "published": "2015-12-30T00:00:00", "type": "gentoo", "title": "ClamAV: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463", "CVE-2015-2170", "CVE-2015-2221", "CVE-2015-2222", "CVE-2015-2668"], "modified": "2015-12-30T00:00:00", "id": "GLSA-201512-08", "href": "https://security.gentoo.org/glsa/201512-08", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2022-01-06T05:33:09", "description": "Package : clamav\nVersion : 0.98.7+dfsg-0+deb6u1\nCVE ID : CVE-2014-9328 CVE-2015-1461 CVE-2015-1462 CVE-2015-1463\n CVE-2015-2170 CVE-2015-2221 CVE-2015-2222 CVE-2015-2668\n\nUpstream published version 0.98.7. This update updates sqeeze-lts to the\nlatest upstream release in line with the approach used for other Debian\nreleases.\n\nThe changes are not strictly required for operation, but users of the previous\nversion in Squeeze may not be able to make use of all current virus signatures\nand might get warnings.\n\nThe bug fixes that are part of this release include security fixes related\nto packed or crypted files (CVE-2014-9328, CVE-2015-1461, CVE-2015-1462,\nCVE-2015-1463, CVE-2015-2170, CVE-2015-2221, CVE-2015-2222, and CVE-2015-2668)\nand several fixes to the embedded libmspack library, including a potential\ninfinite loop in the Quantum decoder (CVE-2014-9556).\n\nIf you use clamav, we strongly recommend that you upgrade to this version.\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part.\n", "cvss3": {}, "published": "2015-05-29T03:57:22", "type": "debian", "title": "[SECURITY] [DLA 233-1] clamav security and upstream version update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328", "CVE-2014-9556", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463", "CVE-2015-2170", "CVE-2015-2221", "CVE-2015-2222", "CVE-2015-2668"], "modified": "2015-05-29T03:57:22", "id": "DEBIAN:DLA-233-1:4B465", "href": "https://lists.debian.org/debian-lts-announce/2015/05/msg00017.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-23T22:27:59", "description": "Package : clamav\nVersion : 0.98.7+dfsg-0+deb6u1\nCVE ID : CVE-2014-9328 CVE-2015-1461 CVE-2015-1462 CVE-2015-1463\n CVE-2015-2170 CVE-2015-2221 CVE-2015-2222 CVE-2015-2668\n\nUpstream published version 0.98.7. This update updates sqeeze-lts to the\nlatest upstream release in line with the approach used for other Debian\nreleases.\n\nThe changes are not strictly required for operation, but users of the previous\nversion in Squeeze may not be able to make use of all current virus signatures\nand might get warnings.\n\nThe bug fixes that are part of this release include security fixes related\nto packed or crypted files (CVE-2014-9328, CVE-2015-1461, CVE-2015-1462,\nCVE-2015-1463, CVE-2015-2170, CVE-2015-2221, CVE-2015-2222, and CVE-2015-2668)\nand several fixes to the embedded libmspack library, including a potential\ninfinite loop in the Quantum decoder (CVE-2014-9556).\n\nIf you use clamav, we strongly recommend that you upgrade to this version.\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part.\n", "cvss3": {}, "published": "2015-05-29T03:57:22", "type": "debian", "title": "[SECURITY] [DLA 233-1] clamav security and upstream version update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9328", "CVE-2014-9556", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463", "CVE-2015-2170", "CVE-2015-2221", "CVE-2015-2222", "CVE-2015-2668"], "modified": "2015-05-29T03:57:22", "id": "DEBIAN:DLA-233-1:5C34F", "href": "https://lists.debian.org/debian-lts-announce/2015/05/msg00017.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}