📄 clamav-cb-a08-0001.nasl
字号:
## This script was written by Carsten Koch-Mauthe <c.koch-mauthe at dn-systems.de># Slight modification by Vlatko Kosturjak - Kost <kost@linux.hr># This script is released under the GNU GPLv2## $Revision: 06 $if(description){ script_id(90000); script_version ("$Revision: 06 $"); name["english"] = "ClamAV < 0.93.1 vulnerability"; script_name(english:name["english"]); desc["english"] = "The remote host is probably affected by the vulnerabilities described inCVE 2007-6335 CVE 2007-6336 CVE 2007-6337 CVE-2008-0318 CVE-2008-1100 CVE-2008-1387 CVE-2008-2713Impact CVE 2008-2713 libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. CVE 2008-1387 ClamAV before 0.93 allows remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive, as demonstrated by the PROTOS GENOME test suite for Archive Formats. CVE 2008-1100 Buffer overflow in the cli_scanpe function in libclamav (libclamav/pe.c) for ClamAV 0.92 and 0.92.1 allows remote attackers to execute arbitrary code via a crafted Upack PE file. CVE 2008-0318 Integer overflow in the cli_scanpe function in libclamav in ClamAV before 0.92.1, as used in clamd, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggers a heap-based buffer overflow. CVE 2007-6337 Unspecified vulnerability in the bzip2 decompression algorithm in nsis/bzlib_private.h in ClamAV before 0.92 has unknown impact and remote attack vectors. CVE 2007-6336 Off-by-one error in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MS-ZIP compressed CAB file. CVE 2007-6335 Integer overflow in libclamav in ClamAV before 0.92 allows remote attackers to execute arbitrary code via a crafted MEW packed PE file, which triggers a heap-based buffer overflow.References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2713 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1387 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1100 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0318 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6337 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6336 http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6335Solution: All ClamAV users should upgrade to the latest version:Risk factor : High"; script_description(english:desc["english"]); summary["english"] = "Determines the Version of ClamAV"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is under GPLv2"); family["english"] = "Local test"; script_family(english:family["english"]); script_dependencies("ssh_authorization.nasl"); exit(0);}## The code starts here#include("version_func.inc");clamavcnt = 0;r = find_bin(prog_name:"clamscan");foreach binary_name (r) { binary_name = chomp(binary_name); ver = get_bin_version(full_prog_name:binary_name, version_argv:"--version", ver_pattern:"([0-9\.]+)"); if(ver != NULL) { clamavcnt++; if(version_is_less(version:ver[0], test_version:"0.93.1") ) { security_hole(port:0, proto:"ClamAV"); report = string("\nFound : ") + binary_name + " Version : " + ver[max_index(ver)-1] + string("\n"); security_hole(port:0, proto:"ClamAV", data:report); } else { report = "This host appears to be running ClamAV" + string("\n"); report = report + string("\nFound : ") + binary_name + " Version : " + ver[max_index(ver)-1] + string("\n"); security_note(port:0, proto:"ClamAV", data:report); } }}if (report_verbosity > 1) { if(clamavcnt == 0) { report = "ClamAV not found or ssh login not possible on this host." + string("\n"); security_note(port:0, proto:"ClamAV", data:report); }}exit(0);⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -