Security Advisory for ClamAV in Fedora 3
Reporter | Title | Published | Views | Family All 83 |
---|---|---|---|---|
![]() | Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : ClamAV vulnerabilities (USN-4370-1) | 22 May 202000:00 | – | nessus |
![]() | FreeBSD : clamav -- multiple vulnerabilities (91ce95d5-cd15-4105-b942-af5ccc7144c1) | 18 May 202000:00 | – | nessus |
![]() | Debian DLA-2215-1 : clamav security update | 20 May 202000:00 | – | nessus |
![]() | Fedora 30 : clamav (2020-d98d2cbae1) | 26 May 202000:00 | – | nessus |
![]() | Fedora 31 : clamav (2020-b0acd7b66e) | 26 May 202000:00 | – | nessus |
![]() | SUSE SLES11 Security Update : clamav (SUSE-SU-2021:14592-1) | 10 Jun 202100:00 | – | nessus |
![]() | SUSE SLES12 Security Update : clamav (SUSE-SU-2020:3918-1) | 23 Dec 202000:00 | – | nessus |
![]() | SUSE SLES12 Security Update : clamav (SUSE-SU-2020:3729-1) | 9 Dec 202000:00 | – | nessus |
![]() | Amazon Linux AMI : clamav (ALAS-2020-1433) | 16 Sep 202000:00 | – | nessus |
![]() | GLSA-202007-23 : ClamAV: Multiple vulnerabilities | 27 Jul 202000:00 | – | nessus |
# Copyright (C) 2020 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.877887");
script_version("2021-07-16T11:00:51+0000");
script_cve_id("CVE-2020-3327", "CVE-2020-3341");
script_tag(name:"cvss_base", value:"5.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
script_tag(name:"last_modification", value:"2021-07-16 11:00:51 +0000 (Fri, 16 Jul 2021)");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2020-08-06 08:15:00 +0000 (Thu, 06 Aug 2020)");
script_tag(name:"creation_date", value:"2020-05-29 03:29:17 +0000 (Fri, 29 May 2020)");
script_name("Fedora: Security Advisory for clamav (FEDORA-2020-b0acd7b66e)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2020 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC31");
script_xref(name:"FEDORA", value:"2020-b0acd7b66e");
script_xref(name:"URL", value:"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3BMTC7I5LGY4FCIZLHPNC4WWC6VNLFER");
script_tag(name:"summary", value:"The remote host is missing an update for the 'clamav'
package(s) announced via the FEDORA-2020-b0acd7b66e advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this
software is the integration with mail servers (attachment scanning). The
package provides a flexible and scalable multi-threaded daemon, a command
line scanner, and a tool for automatic updating via Internet. The programs
are based on a shared library distributed with the Clam AntiVirus package,
which you can use with your own software. The virus database is based on
the virus database from OpenAntiVirus, but contains additional signatures
(including signatures for popular polymorphic viruses, too) and is KEPT UP
TO DATE.");
script_tag(name:"affected", value:"'clamav' package(s) on Fedora 31.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "FC31") {
if(!isnull(res = isrpmvuln(pkg:"clamav", rpm:"clamav~0.102.3~1.fc31", rls:"FC31"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo