ClamAV 0.87.1 released, fixes multiple security vulnerabilities
Vulnerabilities in anti virus programs seem to be popular lately.
A new version of ClamAV, 0.87.1, has been released. It addresses several security vulnerabilities.
The most critical one allows remote attackers to execute arbitrary code by supplying a malformed file to vulnerable ClamAV installations. The specific flaw is in the part which unpacks executable files compressed with FSG packer v1.33.
Besides this, the released version also fixes two DoS vulnerabilities published by iDefense.
Since ClamAV is often used to scan e-mail attachments on gateways (and therefore practically any user can send a malicious file which will be parsed by the gateway), although we have not yet had reports about exploits for this vulnerability, you should be proactive and install the new version.
The latest version can be downloaded from http://prdownloads.sourceforge.net/clamav/clamav-0.87.1.tar.gz?download
A new version of ClamAV, 0.87.1, has been released. It addresses several security vulnerabilities.
The most critical one allows remote attackers to execute arbitrary code by supplying a malformed file to vulnerable ClamAV installations. The specific flaw is in the part which unpacks executable files compressed with FSG packer v1.33.
Besides this, the released version also fixes two DoS vulnerabilities published by iDefense.
Since ClamAV is often used to scan e-mail attachments on gateways (and therefore practically any user can send a malicious file which will be parsed by the gateway), although we have not yet had reports about exploits for this vulnerability, you should be proactive and install the new version.
The latest version can be downloaded from http://prdownloads.sourceforge.net/clamav/clamav-0.87.1.tar.gz?download
Keywords:
0 comment(s)
My next class:
Web App Penetration Testing and Ethical Hacking | Munich | Oct 14th - Oct 19th 2024 |
×
Diary Archives
Comments