Test Kennung:	1.3.6.1.4.1.25623.1.0.60868
Kategorie:	SuSE Local Security Checks
Titel:	SuSE Security Advisory SUSE-SA:2008:024 (clamav)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory SUSE-SA:2008:024. The AntiVirus scan engine ClamAV was updated to version 0.93 fixes a long list of vulnerabilities. These vulnerabilities can lead to remote code execution, bypassing the scanning engine, remote denial-of-service, local file overwrite. (CVE-2008-1837, CVE-2008-1836, CVE-2008-1835, CVE-2008-1833, CVE-2008-1387, CVE-2008-1100, CVE-2008-0314, CVE-2007-6595, CVE-2007-6596) Since the library changed, we also released updated klamav packages for openSUSE 10.2 and 10.3. Solution: Update your system with the packages as indicated in the referenced security advisory. http://www.securityspace.com/smysecure/catid.html?in=SUSE-SA:2008:024 Risk factor : Critical CVSS Score: 10.0
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2007-6595 BugTraq ID: 27064 http://www.securityfocus.com/bid/27064 Bugtraq: 20071229 TK53 Advisory #2: Multiple vulnerabilities in ClamAV (Google Search) http://www.securityfocus.com/archive/1/485631/100/0/threaded Debian Security Information: DSA-1497 (Google Search) http://www.debian.org/security/2008/dsa-1497 http://security.gentoo.org/glsa/glsa-200808-07.xml http://www.mandriva.com/security/advisories?name=MDVSA-2008:088 http://securitytracker.com/id?1019148 http://secunia.com/advisories/28949 http://secunia.com/advisories/29891 http://secunia.com/advisories/31437 http://securityreason.com/securityalert/3501 SuSE Security Announcement: SUSE-SA:2008:024 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00009.html http://www.vupen.com/english/advisories/2008/0606 XForce ISS Database: clamantivirus-cligentempfd-symlink(39335) https://exchange.xforce.ibmcloud.com/vulnerabilities/39335 XForce ISS Database: clamantivirus-sigtool-file-overwrite(39339) https://exchange.xforce.ibmcloud.com/vulnerabilities/39339 Common Vulnerability Exposure (CVE) ID: CVE-2007-6596 http://www.securitytracker.com/id?1019148 XForce ISS Database: clamantivirus-base64uue-security-bypass(39337) https://exchange.xforce.ibmcloud.com/vulnerabilities/39337 Common Vulnerability Exposure (CVE) ID: CVE-2008-0314 http://lists.apple.com/archives/security-announce//2008/Sep/msg00005.html BugTraq ID: 28784 http://www.securityfocus.com/bid/28784 Cert/CC Advisory: TA08-260A http://www.us-cert.gov/cas/techalerts/TA08-260A.html CERT/CC vulnerability note: VU#858595 http://www.kb.cert.org/vuls/id/858595 Debian Security Information: DSA-1549 (Google Search) http://www.debian.org/security/2008/dsa-1549 https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00576.html https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00625.html https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00249.html http://security.gentoo.org/glsa/glsa-200805-19.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=686 http://www.securitytracker.com/id?1019851 http://secunia.com/advisories/29863 http://secunia.com/advisories/29886 http://secunia.com/advisories/29975 http://secunia.com/advisories/30253 http://secunia.com/advisories/30328 http://secunia.com/advisories/31576 http://secunia.com/advisories/31882 http://www.vupen.com/english/advisories/2008/1227/references http://www.vupen.com/english/advisories/2008/2584 XForce ISS Database: clamav-spin-bo(41823) https://exchange.xforce.ibmcloud.com/vulnerabilities/41823 Common Vulnerability Exposure (CVE) ID: CVE-2008-1100 BugTraq ID: 28756 http://www.securityfocus.com/bid/28756 http://secunia.com/secunia_research/2008-11/advisory/ http://www.securitytracker.com/id?1019837 http://secunia.com/advisories/29000 SuSE Security Announcement: openSUSE-SU-2015:0906 (Google Search) http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html http://www.vupen.com/english/advisories/2008/1218/references XForce ISS Database: clamav-cliscanpe-bo(41789) https://exchange.xforce.ibmcloud.com/vulnerabilities/41789 Common Vulnerability Exposure (CVE) ID: CVE-2008-1387 BugTraq ID: 28782 http://www.securityfocus.com/bid/28782 Bugtraq: 20080415 clamav: Endless loop / hang with crafter arj, CVE-2008-1387 (Google Search) http://www.securityfocus.com/archive/1/490863/100/0/threaded http://int21.de/cve/CVE-2008-1387-clamav.html http://www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html http://www.ee.oulu.fi/research/ouspg/protos/testing/c10/archive/ XForce ISS Database: clamav-arj-unspecified-dos(41822) https://exchange.xforce.ibmcloud.com/vulnerabilities/41822 Common Vulnerability Exposure (CVE) ID: CVE-2008-1833 BugTraq ID: 28798 http://www.securityfocus.com/bid/28798 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=687 http://www.securitytracker.com/id?1019850 XForce ISS Database: clamav-wwpack-pe-bo(41833) https://exchange.xforce.ibmcloud.com/vulnerabilities/41833 Common Vulnerability Exposure (CVE) ID: CVE-2008-1835 XForce ISS Database: clamav-rar-weak-security(41874) https://exchange.xforce.ibmcloud.com/vulnerabilities/41874 Common Vulnerability Exposure (CVE) ID: CVE-2008-1836 XForce ISS Database: clamav-rfc2231-dos(41868) https://exchange.xforce.ibmcloud.com/vulnerabilities/41868 Common Vulnerability Exposure (CVE) ID: CVE-2008-1837 XForce ISS Database: clamav-libclamunrar-dos(41870) https://exchange.xforce.ibmcloud.com/vulnerabilities/41870
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.