[clamav-users] Injection Vulnerability in 0.99.2
Al Varnell
alvarnell at mac.com
Thu Sep 28 20:47:42 UTC 2017
The URL was corrupted in the e-mail I received. See if this works:
<http://www.securityspace.com/smysecure/catid.html?id=1.3.6.1.4.1.25623.1.0.105762>
And quoting the info found there:
> Test ID: 1.3.6.1.4.1.25623.1.0.105762
> Category: General
> Title: ClamAV `Service Commands` Injection Vulnerability
> Summary: ClamAV 0.99.2, and possibly other previous versions, allow the execution of clamav commands SCAN and SHUTDOWN without authentication.
> Description: Summary:
> ClamAV 0.99.2, and possibly other previous versions, allow the execution of clamav commands SCAN and SHUTDOWN without authentication.
>
> CVSS Score:
> 5.0
>
> CVSS Vector:
> AV:N/AC:L/Au:N/C:P/I:N/A:N
>
> Copyright Copyright (C) 2016 Greenbone Networks GmbH
-Al-
On Thu, Sep 28, 2017 at 01:42 PM, Jonathan Stockley wrote:
>
> Hi,
> We've been using ClamAV 0.99.2 for some time. Our security team has
> recently done a scan and reported that this version of ClamAV has the
> injection vulnerability cited here:
> http://www.securityspace.com/smysecure/catid.html?id=1.3.6.1.4.1.25623.1.0.
> 105762
>
>
> I checked and 0.99.2 is the latest stable release with 0.99.3 in beta.
> Is the cited vulnerability fixed in the 0.99.3-beta1 release?
> If not, is there an approximate time for when this will be fixed?
>
> Thanks,
> Jo