FYI...
ClamAV multiple vulnerabilities - updates available
- https://secunia.com/advisories/62542/
Release Date: 2014-11-27
Criticality: Highly Critical
Where: From remote
Impact: System access
Solution Status: Vendor Patch...
- http://www.securitytracker.com/id/1031267
CVE Reference: https://cve.mitre.org/cgi-bin/cvenam...=CVE-2013-6497
Nov 27 2014
Impact: Denial of service via network
Fix Available: Yes Vendor Confirmed: Yes ...
Version(s): prior to 0.98.5
Description: A vulnerability was reported in Clam AntiVirus. A remote or local user can cause denial of service conditions.
Impact: A user can cause the target service to crash...
Solution: The vendor has issued a fix (0.98.5)...
- http://www.securitytracker.com/id/1031268
CVE Reference: https://cve.mitre.org/cgi-bin/cvenam...=CVE-2014-9050
Nov 27 2014
Impact: Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 0.98.5
Impact: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can cause denial of service conditions...
The vendor's advisory is available at:
- http://blog.clamav.net/2014/11/clama...-released.html
Nov 18 2014 - "... ClamAV 0.98.5 includes new features and bug fixes..."
> http://www.clamav.net/download.html
- http://www.clamav.net/about.html
- http://www.clamav.net/doc/install.html
- https://twitter.com/clamav