 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.67430 |
| Categoría: | Mandrake Local Security Checks |
| Título: | Mandriva Security Advisory MDVSA-2010:082-1 (clamav) |
| Resumen: | NOSUMMARY |
| Descripción: | Description: The remote host is missing an update to clamav announced via advisory MDVSA-2010:082-1. Multiple vulnerabilities has been found and corrected in clamav: ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities (CVE-2010-0098). The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information (CVE-2010-1311). This update provides clamav 0.96, which is not vulnerable to these issues. Update: Packages for 2009.0 are provided due to the Extended Maintenance Program. Affected: 2009.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:082-1 Risk factor : Critical CVSS Score: 10.0 |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-0098 http://lists.apple.com/archives/security-announce/2010//Aug/msg00003.html BugTraq ID: 39262 http://www.securityfocus.com/bid/39262 http://www.mandriva.com/security/advisories?name=MDVSA-2010:082 http://www.openwall.com/lists/oss-security/2010/04/06/4 http://www.openwall.com/lists/oss-security/2010/04/08/3 http://secunia.com/advisories/39293 http://secunia.com/advisories/39329 http://secunia.com/advisories/39656 SuSE Security Announcement: SUSE-SR:2010:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html http://www.ubuntu.com/usn/USN-926-1 http://www.vupen.com/english/advisories/2010/0827 http://www.vupen.com/english/advisories/2010/0832 http://www.vupen.com/english/advisories/2010/0909 http://www.vupen.com/english/advisories/2010/1001 http://www.vupen.com/english/advisories/2010/1206 Common Vulnerability Exposure (CVE) ID: CVE-2010-1311 |
| Copyright | Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com |
| Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |