Lucene search
Copyright (C) 2023 Greenbone AGOPENVAS:1361412562311122015233HistoryMar 08, 2023 - 12:00 a.m.
Debian: Security Advisory (DLA-233-1)
2023-03-0800:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
6
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.1.2.2015.233");
script_cve_id("CVE-2014-9328", "CVE-2015-1461", "CVE-2015-1462", "CVE-2015-1463", "CVE-2015-2170", "CVE-2015-2221", "CVE-2015-2222", "CVE-2015-2305", "CVE-2015-2668");
script_tag(name:"creation_date", value:"2023-03-08 12:56:44 +0000 (Wed, 08 Mar 2023)");
script_version("2024-02-02T05:06:10+0000");
script_tag(name:"last_modification", value:"2024-02-02 05:06:10 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Debian: Security Advisory (DLA-233-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB6");
script_xref(name:"Advisory-ID", value:"DLA-233-1");
script_xref(name:"URL", value:"https://www.debian.org/lts/security/2015/DLA-233-1");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'clamav' package(s) announced via the DLA-233-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Upstream published version 0.98.7. This update updates sqeeze-lts to the latest upstream release in line with the approach used for other Debian releases.
The changes are not strictly required for operation, but users of the previous version in Squeeze may not be able to make use of all current virus signatures and might get warnings.
The bug fixes that are part of this release include security fixes related to packed or crypted files (CVE-2014-9328, CVE-2015-1461, CVE-2015-1462, CVE-2015-1463, CVE-2015-2170, CVE-2015-2221, CVE-2015-2222, and CVE-2015-2668) and several fixes to the embedded libmspack library, including a potential infinite loop in the Quantum decoder (CVE-2014-9556).
If you use clamav, we strongly recommend that you upgrade to this version.");
script_tag(name:"affected", value:"'clamav' package(s) on Debian 6.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB6") {
if(!isnull(res = isdpkgvuln(pkg:"clamav", ver:"0.98.7+dfsg-0+deb6u1", rls:"DEB6"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"clamav-base", ver:"0.98.7+dfsg-0+deb6u1", rls:"DEB6"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"clamav-daemon", ver:"0.98.7+dfsg-0+deb6u1", rls:"DEB6"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"clamav-dbg", ver:"0.98.7+dfsg-0+deb6u1", rls:"DEB6"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"clamav-docs", ver:"0.98.7+dfsg-0+deb6u1", rls:"DEB6"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"clamav-freshclam", ver:"0.98.7+dfsg-0+deb6u1", rls:"DEB6"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"clamav-milter", ver:"0.98.7+dfsg-0+deb6u1", rls:"DEB6"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"clamav-testfiles", ver:"0.98.7+dfsg-0+deb6u1", rls:"DEB6"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libclamav-dev", ver:"0.98.7+dfsg-0+deb6u1", rls:"DEB6"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"libclamav6", ver:"0.98.7+dfsg-0+deb6u1", rls:"DEB6"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
osv
osv
clamav - security update
2015-05-28 00:00:00
php5 - security update
2016-02-29 00:00:00
php5 - security update
2015-03-18 00:00:00
nessus
nessus
Debian DLA-233-1 : clamav security and upstream version update
2015-05-29 00:00:00
GLSA-201512-08 : ClamAV: Multiple vulnerabilities
2016-01-04 00:00:00
Fedora 21 : clamav-0.98.7-1.fc21 (2015-7334)
2015-05-04 00:00:00
debian
debian
[SECURITY] [DLA 233-1] clamav security and upstream version update
2015-05-29 03:57:55
[SECURITY] [DLA 444-1] php5 security update
2016-02-29 18:45:25
[SECURITY] [DSA 3195-1] php5 security update
2015-03-18 11:57:05
openvas
openvas
Gentoo Security Advisory GLSA 201512-08
2015-12-31 00:00:00
Mageia: Security Advisory (MGASA-2015-0190)
2022-01-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0882-2)
2021-04-19 00:00:00
gentoo
gentoo
ClamAV: Multiple vulnerabilities
2015-12-30 00:00:00
securityvulns
securityvulns
ClamAV multiple security vulnerabilities
2015-05-04 00:00:00
[ MDVSA-2015:221 ] clamav
2015-05-04 00:00:00
[ MDVSA-2015:042 ] clamav
2015-02-11 00:00:00
archlinux
archlinux
clamav: multiple issues
2015-05-03 00:00:00
clamav: arbitrary code execution
2015-02-06 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: clamav-0.98.7-1.fc22
2015-05-03 17:21:27
[SECURITY] Fedora 20 Update: clamav-0.98.7-1.fc20
2015-05-12 20:46:17
[SECURITY] Fedora 21 Update: clamav-0.98.7-1.fc21
2015-05-02 18:12:06
ubuntu
ubuntu
ClamAV vulnerabilities
2015-05-05 00:00:00
ClamAV vulnerability
2015-02-02 00:00:00
ClamAV vulnerability
2015-02-12 00:00:00
freebsd
freebsd
clamav -- multiple vulnerabilities
2015-04-29 00:00:00
libmspack -- frame_end overflow which could cause infinite loop
2014-12-11 00:00:00
Several vulnerabilities found in PHP
2015-03-19 00:00:00
mageia
mageia
Updated clamav packages fix security vulnerabilities
2015-05-05 16:36:50
Updated clamav packages fix security vulnerabilities
2015-02-10 00:44:14
Updated cabextract packages fix CVE-2014-9556
2015-02-06 01:26:07
suse
suse
Security update for clamav (important)
2015-02-17 03:04:56
Security update for clamav (important)
2015-02-13 16:05:18
Security update for php5 (important)
2015-05-13 15:07:04
amazon
amazon
ubuntucve
ubuntucve
altlinux
altlinux
Security fix for the ALT Linux 8 package clamav version 0.98.6-alt1
2015-01-28 00:00:00
Security fix for the ALT Linux 9 package clamav version 0.98.6-alt1
2015-01-28 00:00:00
Security fix for the ALT Linux 10 package clamav version 0.98.6-alt1
2015-01-28 00:00:00
cvelist
cvelist
prion
prion
Heap overflow
2015-02-03 16:59:00
Heap overflow
2015-02-03 16:59:00
Design/Logic Flaw
2015-05-12 19:59:00
debiancve
debiancve
cve
cve
checkpoint_advisories
checkpoint_advisories
ClamAV UPX File Handling Integer Overflow (CVE-2015-2170)
2015-07-28 00:00:00
f5
f5
K16831 : BSD regex library vulnerability CVE-2015-2305
2015-07-01 00:00:00
SOL16831 - BSD regex library vulnerability CVE-2015-2305
2015-07-01 00:00:00
veracode
veracode
Heap-based Buffer Overflow
2019-05-02 05:39:23
kaspersky
kaspersky
KLA10515 Multiple vulnerabilities in PHP and extensions
2015-03-30 00:00:00
slackware
slackware
[slackware-security] php
2015-04-22 01:22:40
9.7 High
AI Score
Confidence
High
0.049 Low
EPSS
Percentile
92.8%
Related for OPENVAS:1361412562311122015233