ClamAV < 0.99 Remote Denial of Service

medium Log Correlation Engine Plugin ID 802006

Synopsis

The specific version of ClamAV that the client is running is vulnerable to a remote denial of service.

Description

Cisco ClamAV contains a flaw that is triggered when handling the scan of a specially crafted document. This may allow a remote attacker to cause the Advance Malware Protection (AMP) process to restart.

Solution

It has been reported that this has been fixed. Please refer to the product listing for upgraded versions that address this vulnerability.

See Also

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160531-wsa-esa

https://tools.cisco.com/bugsearch/bug/CSCuv78533

https://tools.cisco.com/bugsearch/bug/CSCuw60503

Plugin Details

Severity: Medium

ID: 802006

Family: Generic

Published: 8/23/2016

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Patch Publication Date: 5/31/2016

Vulnerability Publication Date: 5/31/2016

Reference Information

CVE: CVE-2016-1405