Lucene search
Copyright (C) 2009 Greenbone Networks GmbHOPENVAS:830551HistoryApr 09, 2009 - 12:00 a.m.
Mandriva Update for clamav MDVSA-2008:003 (clamav)
2009-04-0900:00:00
Copyright (C) 2009 Greenbone Networks GmbH
plugins.openvas.org
5
0.246 Low
EPSS
Percentile
96.2%
Check for the Version of clamav
###############################################################################
# OpenVAS Vulnerability Test
#
# Mandriva Update for clamav MDVSA-2008:003 (clamav)
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_insight = "An integer overflow vulnerability was reported by iDefense with clamav
when parsing Portable Executable (PE) files packed in he MEW format.
This could be exploited to cause a heap-based buffer overflow
(CVE-2007-6335).
Toeroek Edwin reported an off-by-one error when decompressing MS-ZIP
compressed CAB files (CVE-2007-6336).
As well, an unspecified vulnerability related to the bzip2
decompression algorithm was also discovered (CVE-2007-6337).
Other bugs have also been corrected in 0.92 which is being provided
with this update. Because this new version has increased the major
of the libclamav library, updated dependent packages are also being
provided.";
tag_affected = "clamav on Mandriva Linux 2007.0,
Mandriva Linux 2007.0/X86_64,
Mandriva Linux 2007.1,
Mandriva Linux 2007.1/X86_64,
Mandriva Linux 2008.0,
Mandriva Linux 2008.0/X86_64";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://lists.mandriva.com/security-announce/2008-01/msg00007.php");
script_id(830551);
script_version("$Revision: 6568 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $");
script_tag(name:"creation_date", value:"2009-04-09 14:26:37 +0200 (Thu, 09 Apr 2009)");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_xref(name: "MDVSA", value: "2008:003");
script_cve_id("CVE-2007-6335", "CVE-2007-6336", "CVE-2007-6337");
script_name( "Mandriva Update for clamav MDVSA-2008:003 (clamav)");
script_summary("Check for the Version of clamav");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone Networks GmbH");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/release");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "insight" , value : tag_insight);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "MNDK_2007.1")
{
if ((res = isrpmvuln(pkg:"clamav", rpm:"clamav~0.92~1.2mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"clamav-db", rpm:"clamav-db~0.92~1.2mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"clamav-milter", rpm:"clamav-milter~0.92~1.2mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"clamd", rpm:"clamd~0.92~1.2mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"clamdmon", rpm:"clamdmon~0.92~1.2mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"klamav", rpm:"klamav~0.41~2.1mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libclamav-devel", rpm:"libclamav-devel~0.92~1.2mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libclamav3", rpm:"libclamav3~0.92~1.2mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64clamav-devel", rpm:"lib64clamav-devel~0.92~1.2mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64clamav3", rpm:"lib64clamav3~0.92~1.2mdv2007.1", rls:"MNDK_2007.1")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "MNDK_2007.0")
{
if ((res = isrpmvuln(pkg:"clamav", rpm:"clamav~0.92~1.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"clamav-db", rpm:"clamav-db~0.92~1.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"clamav-milter", rpm:"clamav-milter~0.92~1.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"clamd", rpm:"clamd~0.92~1.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"clamdmon", rpm:"clamdmon~0.92~1.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"klamav", rpm:"klamav~0.41~1.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libclamav-devel", rpm:"libclamav-devel~0.92~1.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libclamav3", rpm:"libclamav3~0.92~1.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64clamav-devel", rpm:"lib64clamav-devel~0.92~1.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64clamav3", rpm:"lib64clamav3~0.92~1.2mdv2007.0", rls:"MNDK_2007.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
if(release == "MNDK_2008.0")
{
if ((res = isrpmvuln(pkg:"clamav", rpm:"clamav~0.92~1.2mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"clamav-db", rpm:"clamav-db~0.92~1.2mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"clamav-milter", rpm:"clamav-milter~0.92~1.2mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"clamd", rpm:"clamd~0.92~1.2mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"clamdmon", rpm:"clamdmon~0.92~1.2mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"klamav", rpm:"klamav~0.41.1~2.1mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libclamav-devel", rpm:"libclamav-devel~0.92~1.2mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"libclamav3", rpm:"libclamav3~0.92~1.2mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64clamav-devel", rpm:"lib64clamav-devel~0.92~1.2mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"lib64clamav3", rpm:"lib64clamav3~0.92~1.2mdv2008.0", rls:"MNDK_2008.0")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
Related
nessus
nessus
Fedora 8 : clamav-0.92-6.fc8 (2008-0115)
2008-01-27 00:00:00
Fedora 7 : clamav-0.92-6.fc7 (2008-0170)
2008-01-27 00:00:00
Mandriva Linux Security Advisory : clamav (MDVSA-2008:003)
2009-04-23 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200712-20 (clamav)
2008-09-24 00:00:00
SLES9: Security update for clamav
2009-10-10 00:00:00
Gentoo Security Advisory GLSA 200712-20 (clamav)
2008-09-24 00:00:00
fedora
fedora
[SECURITY] Fedora 8 Update: clamav-0.92-6.fc8
2008-01-22 15:54:56
[SECURITY] Fedora 7 Update: clamav-0.92-6.fc7
2008-01-22 15:33:16
[SECURITY] Fedora 8 Update: clamav-0.92.1-1.fc8
2008-02-13 05:16:27
gentoo
gentoo
ClamAV: Multiple vulnerabilities
2007-12-29 00:00:00
f5
f5
osv
osv
clamav
2007-12-19 00:00:00
debian
debian
[SECURITY] [DSA 1435-1] New clamav packages fix several vulnerabilities
2007-12-19 17:38:04
checkpoint_advisories
checkpoint_advisories
ClamAV libclamav MEW PE File Handling Integer Overflow (CVE-2007-6335)
2009-10-01 00:00:00
ubuntucve
ubuntucve
prion
prion
Integer overflow
2007-12-20 01:46:00
Design/Logic Flaw
2007-12-31 19:46:00
Code injection
2007-12-20 01:46:00
debiancve
debiancve
cve
cve
exploitpack
exploitpack
ClamAV 0.91.2 - libclamav MEW PE Buffer Overflow
2008-01-07 00:00:00
seebug
seebug
ClamAV 0.91.2 libclamav MEW PE Buffer Overflow Exploit
2008-01-08 00:00:00
securityvulns
securityvulns
ClamAV antivirus integer overflow
2007-12-19 00:00:00
exploitdb
exploitdb
ClamAV 0.91.2 - libclamav MEW PE Buffer Overflow
2008-01-07 00:00:00