ClamAV CVE-2019-15961 Denial of Service Vulnerability

2019-11-20T00:00:00
ID SMNTC-110968
Type symantec
Reporter Symantec Security Response
Modified 2019-11-20T00:00:00

Description

Description

ClamAV is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. Versions prior to ClamAV 0.102.1 and 0.101.5 are vulnerable.

Technologies Affected

  • Cisco ClamAV 0.100
  • Cisco ClamAV 0.101
  • Cisco ClamAV 0.101.4
  • Cisco ClamAV 0.102.0
  • Cisco ClamAV 0.97.8
  • Cisco ClamAV 0.98.0
  • Cisco ClamAV 0.98.4
  • Cisco ClamAV 0.98.5
  • Cisco ClamAV 0.98.6
  • Cisco ClamAV 0.98.7
  • Cisco ClamAV 0.99
  • Cisco ClamAV 0.99.2

Recommendations

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to detect and block attacks and anomalous activity such as requests containing suspicious URI sequences. Since the webserver may log such requests, review its logs regularly.

Do not accept or execute files from untrusted or unknown sources.
To limit exposure to these and other latent vulnerabilities, never handle files that originate from unfamiliar or untrusted sources.

When possible, limit the privileges granted to users to the least amount required.
Ensure that all users are granted the least amount of privileges required to successfully operate.

Updates are available. Please see the references or vendor advisory for more information.