Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> Gentoo Local Security Checks >> [GLSA-200612-18] ClamAV: Denial of Service

Vulnerability Assessment Details

[GLSA-200612-18] ClamAV: Denial of Service
Vulnerability Assessment Summary
ClamAV: Denial of Service

Detailed Explanation for this Vulnerability Assessment
The remote host is affected by the vulnerability described in GLSA-200612-18
(ClamAV: Denial of Service)


Hendrik Weimer discovered that ClamAV fails to properly handle deeply
nested MIME multipart/mixed content.

Impact

By sending a specially crafted email with deeply nested MIME
multipart/mixed content a possible hacker could cause ClamAV to crash.

Workaround

There is no known workaround at this time.

References:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6481


Solution:
All ClamAV users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-antivirus/clamav-0.88.7"


Network Security Threat Level: Medium


Networks Security ID:

Vulnerability Assessment Copyright: (C) 2006 Michel Arboi
Cables, Connectors


Supermicro 4U 4x Nvidia GPU AI Server 2.1Ghz 16-Core 192GB 2x10G SFP+ 2x2200W picture

Supermicro 4U 4x Nvidia GPU AI Server 2.1Ghz 16-Core 192GB 2x10G SFP+ 2x2200W

$1250.00


Dell EMC PowerEdge R7615 Server AMD 9224 24C 192GB DDR5, 2x 480GB + 10x 14TB HDD picture

Dell EMC PowerEdge R7615 Server AMD 9224 24C 192GB DDR5, 2x 480GB + 10x 14TB HDD

$6949.99


Genuine HP ProLiant MicroServer Gen8 Intel Pentium G2020T 2.5GHz 712318-001 picture

Genuine HP ProLiant MicroServer Gen8 Intel Pentium G2020T 2.5GHz 712318-001

$199.95


HP ProLiant Xeon E3-1220L V2 MicroServer Gen8 2.30 GHz 16 GB RAM NO DRIVES picture

HP ProLiant Xeon E3-1220L V2 MicroServer Gen8 2.30 GHz 16 GB RAM NO DRIVES

$199.00


SuperMicro Scale CSE-813M Xeon E5-2620 v4 128 GB DDR4 1U Server No Drives/No OS picture

SuperMicro Scale CSE-813M Xeon E5-2620 v4 128 GB DDR4 1U Server No Drives/No OS

$219.99


HP PROLIANT ML30 GEN10 INTEL XEON E-2224 3.40 GHz 16GB RAM SKU#55339 picture

HP PROLIANT ML30 GEN10 INTEL XEON E-2224 3.40 GHz 16GB RAM SKU#55339

$223.99


Genuine HP ProLiant MicroServer Gen8 without the part on the front w power cord picture

Genuine HP ProLiant MicroServer Gen8 without the part on the front w power cord

$185.92


SuperMicro Server 505-2 Intel Atom 2.4GHz 8GB RAM SYS-5018A-FTN4 1U Rackmount picture

SuperMicro Server 505-2 Intel Atom 2.4GHz 8GB RAM SYS-5018A-FTN4 1U Rackmount

$202.49


1U Supermicro Server 10 Bay 2x Intel Xeon 3.3Ghz 8C 128GB RAM 480GB SSD 2x 10GBE picture

1U Supermicro Server 10 Bay 2x Intel Xeon 3.3Ghz 8C 128GB RAM 480GB SSD 2x 10GBE

$297.00


SuperMicro Scale CSE-813M Xeon E5-2620 v4 128 GB DDR4 1U Server No Drives/No OS picture

SuperMicro Scale CSE-813M Xeon E5-2620 v4 128 GB DDR4 1U Server No Drives/No OS

$219.99


Discussions

No Discussions have been posted on this vulnerability.