Vulnerabilities > CVE-2010-4479 - Unspecified vulnerability in Clamav

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

clamav

nessus

NVD

Published: 2010-12-07

Updated: 2023-11-07

Summary

Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, aka "bb #2380," a different vulnerability than CVE-2010-4260.

Vulnerable Configurations

Part	Description	Count
Application	Clamav Clamav Clamav 0.95.2 Clamav Clamav 0.86.2 Clamav Clamav 0.88.5 Clamav Clamav 0.02 Clamav Clamav 0.92 Clamav Clamav 0.95 Clamav Clamav 0.8 Clamav Clamav 0.15 Clamav Clamav 0.90 Clamav Clamav 0.75.1 Clamav Clamav 0.65 Clamav Clamav 0.88.7 Clamav Clamav 0.81 Clamav Clamav 0.86 Clamav Clamav 0.01 Clamav Clamav 0.92_P0 Clamav Clamav 0.85 Clamav Clamav 0.84 Clamav Clamav 0.3 Clamav Clamav 0.91.2_P0 Clamav Clamav 0.93.1 Clamav Clamav 0.95.1 Clamav Clamav 0.93 Clamav Clamav 0.70 Clamav Clamav 0.68.1 Clamav Clamav 0.03 Clamav Clamav 0.87.1 Clamav Clamav 0.9 Clamav Clamav 0.74 Clamav Clamav 0.93.3 Clamav Clamav 0.88 Clamav Clamav 0.91 Clamav Clamav 0.86.1 Clamav Clamav 0.71 Clamav Clamav 0.88.1 Clamav Clamav 0.60P Clamav Clamav 0.94 Clamav Clamav 0.80 Clamav Clamav 0.91.2 Clamav Clamav 0.96.3 Clamav Clamav 0.90.3 Clamav Clamav 0.85.1 Clamav Clamav 0.96.2 Clamav Clamav 0.13 Clamav Clamav 0.10 Clamav Clamav 0.94.2 Clamav Clamav 0.96.1 Clamav Clamav 0.90.1_P0 Clamav Clamav 0.12 Clamav Clamav 0.88.7_P0 Clamav Clamav 0.23 Clamav Clamav 0.90.3_P1 Clamav Clamav 0.60 Clamav Clamav 0.88.2 Clamav Clamav 0.83 Clamav Clamav 0.20 Clamav Clamav 0.88.4 Clamav Clamav 0.90.3_P0 Clamav Clamav 0.14 Clamav Clamav 0.24 Clamav Clamav 0.96 Clamav Clamav 0.90.2_P0 Clamav Clamav 0.66 Clamav Clamav 0.51 Clamav Clamav 0.52 Clamav Clamav 0.22 Clamav Clamav 0.72 Clamav Clamav - Clamav Clamav 0.05 Clamav Clamav 0.21 Clamav Clamav 0.53 Clamav Clamav 0.54 Clamav Clamav 0.67 Clamav Clamav 0.67-1 Clamav Clamav 0.68 Clamav Clamav 0.70.0 Clamav Clamav 0.71.0 Clamav Clamav 0.72.0 Clamav Clamav 0.73 Clamav Clamav 0.73.0 Clamav Clamav 0.74.0 Clamav Clamav 0.75 Clamav Clamav 0.75.0 Clamav Clamav 0.80.0 Clamav Clamav 0.80_Rc Clamav Clamav 0.81.0 Clamav Clamav 0.82 Clamav Clamav 0.82.0 Clamav Clamav 0.83.0 Clamav Clamav 0.84.0 Clamav Clamav 0.85.0 Clamav Clamav 0.86.0 Clamav Clamav 0.87 Clamav Clamav 0.87.0 Clamav Clamav 0.88.0 Clamav Clamav 0.88.3 Clamav Clamav 0.88.6 Clamav Clamav 0.88.7_P1 Clamav Clamav 0.90.0 Clamav Clamav 0.90.1 Clamav Clamav 0.90.2 Clamav Clamav 0.91.0 Clamav Clamav 0.91.1 Clamav Clamav 0.92.0 Clamav Clamav 0.92.1 Clamav Clamav 0.93.0 Clamav Clamav 0.93.2 Clamav Clamav 0.94.0 Clamav Clamav 0.94.1 Clamav Clamav 0.95.0 Clamav Clamav 0.95.3 Clamav Clamav 0.96.0 Clamav Clamav 0.96.4	137

Nessus

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2010-18568.NASL
description	- Sat Dec 4 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.96.5-1400 - updated to 0.96.5 - CVE-2010-4260 Multiple errors within the processing of PDF files can be exploited to e.g. cause a crash. - CVE-2010-4261 An off-by-one error within the
last seen	2020-06-01
modified	2020-06-02
plugin id	51068
published	2010-12-08
reporter	This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/51068
title	Fedora 14 : clamav-0.96.5-1400.fc14 (2010-18568)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2010-18568. # include("compat.inc"); if (description) { script_id(51068); script_version("1.12"); script_cvs_date("Date: 2019/08/02 13:32:32"); script_cve_id("CVE-2010-4260", "CVE-2010-4261", "CVE-2010-4479"); script_bugtraq_id(45152); script_xref(name:"FEDORA", value:"2010-18568"); script_name(english:"Fedora 14 : clamav-0.96.5-1400.fc14 (2010-18568)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Sat Dec 4 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.96.5-1400 - updated to 0.96.5 - CVE-2010-4260 Multiple errors within the processing of PDF files can be exploited to e.g. cause a crash. - CVE-2010-4261 An off-by-one error within the 'icon_cb()' function can be exploited to cause a memory corruption. - Sun Oct 31 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.96.4-1400 - updated to 0.96.4 - execute 'make check' (#640347) but ignore errors for now because four checks are failing on f13 - Tue Oct 5 2010 jkeating - 0.96.3-1400.1 - Rebuilt for gcc bug 634757 - Wed Sep 29 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - lowered stop priority of sysv initscripts (#629435) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=659861" ); # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/051905.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?84c221b8" ); script_set_attribute( attribute:"solution", value:"Update the affected clamav package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:clamav"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:14"); script_set_attribute(attribute:"patch_publication_date", value:"2010/12/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/12/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^14([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 14.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC14", reference:"clamav-0.96.5-1400.fc14")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav"); }

NASL family	Mandriva Local Security Checks
NASL id	MANDRIVA_MDVSA-2010-249.NASL
description	Multiple vulnerabilities were discovered and corrected in clamav : Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document (CVE-2010-4260, (CVE-2010-4479). Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third-party information (CVE-2010-4261). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90 The updated clamav packages have been upgraded to the 0.96.5 version that is not vulnerable to these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	51071
published	2010-12-08
reporter	This script is Copyright (C) 2010-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/51071
title	Mandriva Linux Security Advisory : clamav (MDVSA-2010:249)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2010:249. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(51071); script_version("1.13"); script_cvs_date("Date: 2019/08/02 13:32:53"); script_cve_id("CVE-2010-4260", "CVE-2010-4261", "CVE-2010-4479"); script_bugtraq_id(45152); script_xref(name:"MDVSA", value:"2010:249"); script_name(english:"Mandriva Linux Security Advisory : clamav (MDVSA-2010:249)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Multiple vulnerabilities were discovered and corrected in clamav : Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document (CVE-2010-4260, (CVE-2010-4479). Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third-party information (CVE-2010-4261). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=4 90 The updated clamav packages have been upgraded to the 0.96.5 version that is not vulnerable to these issues." ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:clamav"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:clamav-db"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:clamav-milter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:clamd"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64clamav-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64clamav6"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libclamav-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:libclamav6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2009.0"); script_set_attribute(attribute:"patch_publication_date", value:"2010/12/07"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/12/08"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64\|i[3-6]86\|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2009.0", reference:"clamav-0.96.5-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"clamav-db-0.96.5-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"clamav-milter-0.96.5-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", reference:"clamd-0.96.5-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64clamav-devel-0.96.5-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"x86_64", reference:"lib64clamav6-0.96.5-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libclamav-devel-0.96.5-0.1mdv2009.0", yank:"mdv")) flag++; if (rpm_check(release:"MDK2009.0", cpu:"i386", reference:"libclamav6-0.96.5-0.1mdv2009.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201110-20.NASL
description	The remote host is affected by the vulnerability described in GLSA-201110-20 (Clam AntiVirus: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Clam AntiVirus. Please review the CVE identifiers referenced below for details. Impact : An unauthenticated remote attacker may execute arbitrary code with the privileges of the Clam AntiVirus process or cause a Denial of Service by causing an affected user or system to scan a crafted file. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	56595
published	2011-10-24
reporter	This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/56595
title	GLSA-201110-20 : Clam AntiVirus: Multiple vulnerabilities
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201110-20. # # The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(56595); script_version("1.13"); script_cvs_date("Date: 2018/07/11 17:09:26"); script_cve_id("CVE-2010-0405", "CVE-2010-3434", "CVE-2010-4260", "CVE-2010-4261", "CVE-2010-4479", "CVE-2011-1003", "CVE-2011-2721", "CVE-2011-3627"); script_bugtraq_id(43331, 43555, 45152, 46470, 48891); script_xref(name:"GLSA", value:"201110-20"); script_xref(name:"IAVB", value:"2010-B-0083"); script_name(english:"GLSA-201110-20 : Clam AntiVirus: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201110-20 (Clam AntiVirus: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Clam AntiVirus. Please review the CVE identifiers referenced below for details. Impact : An unauthenticated remote attacker may execute arbitrary code with the privileges of the Clam AntiVirus process or cause a Denial of Service by causing an affected user or system to scan a crafted file. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201110-20" ); script_set_attribute( attribute:"solution", value: "All Clam AntiVirus users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-antivirus/clamav-0.97.3'" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:clamav"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2011/10/24"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/10/24"); script_set_attribute(attribute:"stig_severity", value:"II"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"app-antivirus/clamav", unaffected:make_list("ge 0.97.3"), vulnerable:make_list("lt 0.97.3"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "Clam AntiVirus"); }

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2010-18564.NASL
description	- Sat Dec 4 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.96.5-1300 - updated to 0.96.5 - CVE-2010-4260 Multiple errors within the processing of PDF files can be exploited to e.g. cause a crash. - CVE-2010-4261 An off-by-one error within the
last seen	2020-06-01
modified	2020-06-02
plugin id	51346
published	2010-12-20
reporter	This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/51346
title	Fedora 13 : clamav-0.96.5-1300.fc13 (2010-18564)
code	#%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2010-18564. # include("compat.inc"); if (description) { script_id(51346); script_version("1.12"); script_cvs_date("Date: 2019/08/02 13:32:32"); script_cve_id("CVE-2010-4260", "CVE-2010-4261", "CVE-2010-4479"); script_bugtraq_id(45152); script_xref(name:"FEDORA", value:"2010-18564"); script_name(english:"Fedora 13 : clamav-0.96.5-1300.fc13 (2010-18564)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: " - Sat Dec 4 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.96.5-1300 - updated to 0.96.5 - CVE-2010-4260 Multiple errors within the processing of PDF files can be exploited to e.g. cause a crash. - CVE-2010-4261 An off-by-one error within the 'icon_cb()' function can be exploited to cause a memory corruption. - Sun Oct 31 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.96.4-1300 - updated to 0.96.4 - execute 'make check' (#640347) but ignore errors for now because four checks are failing on f13 - Wed Sep 29 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - lowered stop priority of sysv initscripts (#629435) - Wed Sep 22 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.96.3-1300 - updated to 0.96.3 - fixes CVE-2010-0405 in shipped bzlib.c copy - Sun Aug 15 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.96.2-1300 - updated to 0.96.2 - rediffed patches - removed the -jit-disable patch which is replaced upstream by a more detailed configuration option. - Wed Aug 11 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - use 'groupmems', not 'usermod' to add a user to a group because 'usermod' does not work when user does not exist in local /etc/passwd - Tue Jun 1 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 0.96.1-1400 - updated to 0.96.1 - applied upstream patch which allows to disable JIT compiler (#573191) - disabled JIT compiler by default - removed explicit 'pkgconfig' requirements in -devel (#533956) - added some BRs - rediffed patches Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=659861" ); # https://lists.fedoraproject.org/pipermail/package-announce/2010-December/052401.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?47e4fc18" ); script_set_attribute( attribute:"solution", value:"Update the affected clamav package." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:clamav"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:13"); script_set_attribute(attribute:"patch_publication_date", value:"2010/12/05"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/12/20"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) \|\| "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^13([^0-9]\|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 13.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC13", reference:"clamav-0.96.5-1300.fc13")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav"); }

NASL family	MacOS X Local Security Checks
NASL id	MACOSX_10_6_7.NASL
description	The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.7. Mac OS X 10.6.7 contains security fixes for the following products : - AirPort - Apache - AppleScript - ATS - bzip2 - CarbonCore - ClamAV - CoreText - File Quarantine - HFS - ImageIO - Image RAW - Installer - Kerberos - Kernel - Libinfo - libxml - Mailman - PHP - QuickLook - QuickTime - Ruby - Samba - Subversion - Terminal - X11
last seen	2020-06-01
modified	2020-06-02
plugin id	52754
published	2011-03-22
reporter	This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/52754
title	Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # if (!defined_func("bn_random")) exit(0); if (NASL_LEVEL < 3000) exit(0); # Avoid problems with large number of xrefs. include("compat.inc"); if (description) { script_id(52754); script_version("1.33"); script_cvs_date("Date: 2018/08/22 16:49:14"); script_cve_id( "CVE-2006-7243", "CVE-2010-0405", "CVE-2010-1323", "CVE-2010-1324", "CVE-2010-1452", "CVE-2010-2068", "CVE-2010-2950", "CVE-2010-3069", "CVE-2010-3089", "CVE-2010-3315", "CVE-2010-3434", "CVE-2010-3709", "CVE-2010-3710", "CVE-2010-3801", "CVE-2010-3802", "CVE-2010-3814", "CVE-2010-3855", "CVE-2010-3870", "CVE-2010-4008", "CVE-2010-4009", "CVE-2010-4020", "CVE-2010-4021", "CVE-2010-4150", "CVE-2010-4260", "CVE-2010-4261", "CVE-2010-4409", "CVE-2010-4479", "CVE-2010-4494", "CVE-2011-0170", "CVE-2011-0172", "CVE-2011-0173", "CVE-2011-0174", "CVE-2011-0175", "CVE-2011-0176", "CVE-2011-0177", "CVE-2011-0178", "CVE-2011-0179", "CVE-2011-0180", "CVE-2011-0181", "CVE-2011-0182", "CVE-2011-0183", "CVE-2011-0184", "CVE-2011-0186", "CVE-2011-0187", "CVE-2011-0188", "CVE-2011-0189", "CVE-2011-0190", "CVE-2011-0191", "CVE-2011-0192", "CVE-2011-0193", "CVE-2011-0194", "CVE-2011-1417" ); script_bugtraq_id( 40827, 43212, 43555, 43926, 44214, 44605, 44643, 44718, 44779, 44980, 45116, 45117, 45118, 45119, 45122, 45152, 46832, 46965, 46966, 46971, 46972, 46973, 46982, 46984, 46987, 46988, 46989, 46990, 46991, 46992, 46993, 46994, 46995, 46996, 46997, 47023 ); script_xref(name:"EDB-ID", value:"17901"); script_xref(name:"IAVB", value:"2010-B-0083"); script_name(english:"Mac OS X 10.6.x < 10.6.7 Multiple Vulnerabilities"); script_summary(english:"Check the version of Mac OS X"); script_set_attribute( attribute:"synopsis", value: "The remote host is missing a Mac OS X update that fixes several security issues." ); script_set_attribute( attribute:"description", value: "The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.7. Mac OS X 10.6.7 contains security fixes for the following products : - AirPort - Apache - AppleScript - ATS - bzip2 - CarbonCore - ClamAV - CoreText - File Quarantine - HFS - ImageIO - Image RAW - Installer - Kerberos - Kernel - Libinfo - libxml - Mailman - PHP - QuickLook - QuickTime - Ruby - Samba - Subversion - Terminal - X11" ); script_set_attribute( attribute:"see_also", value:"http://support.apple.com/kb/HT4581" ); script_set_attribute( attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" ); script_set_attribute( attribute:"solution", value:"Upgrade to Mac OS X 10.6.7 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"exploit_framework_canvas", value:"true"); script_set_attribute(attribute:"canvas_package", value:'CANVAS'); script_set_attribute(attribute:"vuln_publication_date", value:"2006/12/18"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/22"); script_set_attribute(attribute:"plugin_type", value:"combined"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x"); script_set_attribute(attribute:"stig_severity", value:"II"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"MacOS X Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2011-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl"); exit(0); } os = get_kb_item("Host/MacOSX/Version"); if (!os) { os = get_kb_item("Host/OS"); if (isnull(os)) exit(0, "The 'Host/OS' KB item is missing."); if ("Mac OS X" >!< os) exit(0, "The host does not appear to be running Mac OS X."); c = get_kb_item("Host/OS/Confidence"); if (c <= 70) exit(1, "Can't determine the host's OS with sufficient confidence."); } if (!os) exit(0, "The host does not appear to be running Mac OS X."); if (ereg(pattern:"Mac OS X 10\.6($\|\.[0-6]([^0-9]\|$))", string:os)) security_hole(0); else exit(0, "The host is not affected as it is running "+os+".");

NASL family	Misc.
NASL id	CLAMAV_0_96_5.NASL
description	According to its version, the clamd antivirus daemon on the remote host is earlier than 0.96.5. Such versions are reportedly affected by multiple vulnerabilities : - Multiple errors exist in the PDF processing functions in
last seen	2020-06-01
modified	2020-06-02
plugin id	51125
published	2010-12-10
reporter	This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/51125
title	ClamAV < 0.96.5 Multiple Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(51125); script_version("1.14"); script_cvs_date("Date: 2018/11/15 20:50:23"); script_cve_id("CVE-2010-4260", "CVE-2010-4261", "CVE-2010-4479"); script_bugtraq_id(45152); script_xref(name:"Secunia", value:"42426"); script_name(english:"ClamAV < 0.96.5 Multiple Vulnerabilities"); script_summary(english:"Checks response to a clamd VERSION command"); script_set_attribute(attribute:"synopsis", value:"The remote antivirus service is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "According to its version, the clamd antivirus daemon on the remote host is earlier than 0.96.5. Such versions are reportedly affected by multiple vulnerabilities : - Multiple errors exist in the PDF processing functions in 'libclamav/pdf.c', which could lead to application crashes. (Bugs 2358, 2380, 2396) - An off-by-one error exists in the handling of icons such that a crafted icon may be used to cause an integer overflow. (Bug 2344)"); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?8aeafa37"); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4caa8742"); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?87149641"); script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?022c6883"); script_set_attribute(attribute:"see_also", value:"http://freshmeat.net/projects/clamav/releases/325193"); script_set_attribute(attribute:"solution", value:"Upgrade to ClamAV 0.96.5 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2010/11/30"); script_set_attribute(attribute:"patch_publication_date", value:"2010/11/30"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/12/10"); script_set_attribute(attribute:"potential_vulnerability", value:"true"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:clamav:clamav"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc."); script_dependencies("clamav_detect.nasl"); script_require_keys("Antivirus/ClamAV/version", "Settings/ParanoidReport"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); # nb. banner checks of open source software are prone to false- # positives so only run the check if reporting is paranoid. if (report_paranoia < 2) audit(AUDIT_PARANOID); version = get_kb_item_or_exit("Antivirus/ClamAV/version"); port = get_service(svc:"clamd", default:3310, exit_on_fail:TRUE); # Check the version number. # # nb: versions like 0.94rc1 are possible. ver = split(version, sep:'.', keep:FALSE); for (i=0; i<max_index(ver); i++) ver[i] = int(ver[i]); if ( ( ver[0] == 0 && ( ver[1] < 96 \|\| (ver[1] == 96 && ver[2] < 5) ) ) ) { if (report_verbosity > 0) { fixed_version = "0.96.5"; report = '\n Installed version : ' + version + '\n Fixed version : ' + fixed_version + '\n'; security_hole(port:port, extra:report); } else security_hole(port); exit(0); } else exit(0, "The host is not affected since ClamAV version " + version + " is installed.");

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-1031-1.NASL
description	Arkadiusz Miskiewicz and others discovered that the PDF processing code in libclamav improperly validated input. This could allow a remote attacker to craft a PDF document that could crash clamav or possibly execute arbitrary code. (CVE-2010-4260, CVE-2010-4479) It was discovered that an off-by-one error in the icon_cb function in pe_icons.c in libclamav could allow an attacker to corrupt memory, causing clamav to crash or possibly execute arbitrary code. (CVE-2010-4261) In the default installation, attackers would be isolated by the clamav AppArmor profile. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	51117
published	2010-12-10
reporter	Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/51117
title	Ubuntu 10.04 LTS / 10.10 : clamav vulnerabilities (USN-1031-1)
code	# # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-1031-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(51117); script_version("1.10"); script_cvs_date("Date: 2019/09/19 12:54:26"); script_cve_id("CVE-2010-4260", "CVE-2010-4261", "CVE-2010-4479"); script_bugtraq_id(45152); script_xref(name:"USN", value:"1031-1"); script_name(english:"Ubuntu 10.04 LTS / 10.10 : clamav vulnerabilities (USN-1031-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "Arkadiusz Miskiewicz and others discovered that the PDF processing code in libclamav improperly validated input. This could allow a remote attacker to craft a PDF document that could crash clamav or possibly execute arbitrary code. (CVE-2010-4260, CVE-2010-4479) It was discovered that an off-by-one error in the icon_cb function in pe_icons.c in libclamav could allow an attacker to corrupt memory, causing clamav to crash or possibly execute arbitrary code. (CVE-2010-4261) In the default installation, attackers would be isolated by the clamav AppArmor profile. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/1031-1/" ); script_set_attribute(attribute:"solution", value:"Update the affected packages."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-base"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-daemon"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-dbg"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-docs"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-freshclam"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-milter"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:clamav-testfiles"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libclamav-dev"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:libclamav6"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.10"); script_set_attribute(attribute:"vuln_publication_date", value:"2010/12/07"); script_set_attribute(attribute:"patch_publication_date", value:"2010/12/09"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/12/10"); script_set_attribute(attribute:"generated_plugin", value:"current"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2010-2019 Canonical, Inc. / NASL script (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! preg(pattern:"^(10\.04\|10\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 10.04 / 10.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"10.04", pkgname:"clamav", pkgver:"0.96.3+dfsg-2ubuntu1.0.10.04.2")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"clamav-base", pkgver:"0.96.3+dfsg-2ubuntu1.0.10.04.2")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"clamav-daemon", pkgver:"0.96.3+dfsg-2ubuntu1.0.10.04.2")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"clamav-dbg", pkgver:"0.96.3+dfsg-2ubuntu1.0.10.04.2")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"clamav-docs", pkgver:"0.96.3+dfsg-2ubuntu1.0.10.04.2")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"clamav-freshclam", pkgver:"0.96.3+dfsg-2ubuntu1.0.10.04.2")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"clamav-milter", pkgver:"0.96.3+dfsg-2ubuntu1.0.10.04.2")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"clamav-testfiles", pkgver:"0.96.3+dfsg-2ubuntu1.0.10.04.2")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"libclamav-dev", pkgver:"0.96.3+dfsg-2ubuntu1.0.10.04.2")) flag++; if (ubuntu_check(osver:"10.04", pkgname:"libclamav6", pkgver:"0.96.3+dfsg-2ubuntu1.0.10.04.2")) flag++; if (ubuntu_check(osver:"10.10", pkgname:"clamav", pkgver:"0.96.3+dfsg-2ubuntu1.2")) flag++; if (ubuntu_check(osver:"10.10", pkgname:"clamav-base", pkgver:"0.96.3+dfsg-2ubuntu1.2")) flag++; if (ubuntu_check(osver:"10.10", pkgname:"clamav-daemon", pkgver:"0.96.3+dfsg-2ubuntu1.2")) flag++; if (ubuntu_check(osver:"10.10", pkgname:"clamav-dbg", pkgver:"0.96.3+dfsg-2ubuntu1.2")) flag++; if (ubuntu_check(osver:"10.10", pkgname:"clamav-docs", pkgver:"0.96.3+dfsg-2ubuntu1.2")) flag++; if (ubuntu_check(osver:"10.10", pkgname:"clamav-freshclam", pkgver:"0.96.3+dfsg-2ubuntu1.2")) flag++; if (ubuntu_check(osver:"10.10", pkgname:"clamav-milter", pkgver:"0.96.3+dfsg-2ubuntu1.2")) flag++; if (ubuntu_check(osver:"10.10", pkgname:"clamav-testfiles", pkgver:"0.96.3+dfsg-2ubuntu1.2")) flag++; if (ubuntu_check(osver:"10.10", pkgname:"libclamav-dev", pkgver:"0.96.3+dfsg-2ubuntu1.2")) flag++; if (ubuntu_check(osver:"10.10", pkgname:"libclamav6", pkgver:"0.96.3+dfsg-2ubuntu1.2")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "clamav / clamav-base / clamav-daemon / clamav-dbg / clamav-docs / etc"); }

NASL family	MacOS X Local Security Checks
NASL id	MACOSX_SECUPD2011-001.NASL
description	The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2011-001 applied. This security update contains fixes for the following products : - Apache - bzip2 - ClamAV - ImageIO - Kerberos - Libinfo - libxml - Mailman - PHP - QuickLook - Ruby - X11
last seen	2020-06-01
modified	2020-06-02
plugin id	52753
published	2011-03-22
reporter	This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/52753
title	Mac OS X Multiple Vulnerabilities (Security Update 2011-001)
code	# # (C) Tenable Network Security, Inc. # if (!defined_func("bn_random")) exit(0); if (NASL_LEVEL < 3000) exit(0); # Avoid problems with large number of xrefs. include("compat.inc"); if (description) { script_id(52753); script_version("1.23"); script_cvs_date("Date: 2018/07/14 1:59:35"); script_cve_id( "CVE-2010-0405", "CVE-2010-1323", "CVE-2010-1452", "CVE-2010-2068", "CVE-2010-3089", "CVE-2010-3434", "CVE-2010-3436", "CVE-2010-3709", "CVE-2010-3814", "CVE-2010-3855", "CVE-2010-4008", "CVE-2010-4150", "CVE-2010-4260", "CVE-2010-4261", "CVE-2010-4479", "CVE-2011-0170", "CVE-2011-0181", "CVE-2011-0183", "CVE-2011-0188", "CVE-2011-0191", "CVE-2011-0192", "CVE-2011-1417" ); script_bugtraq_id( 40827, 43555, 44214, 44643, 44718, 44723, 44779, 44980, 45118, 45152, 46832, 46966, 46990, 46996 ); script_xref(name:"IAVB", value:"2010-B-0083"); script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2011-001)"); script_summary(english:"Check for the presence of Security Update 2011-001"); script_set_attribute( attribute:"synopsis", value: "The remote host is missing a Mac OS X update that fixes several security issues." ); script_set_attribute( attribute:"description", value: "The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2011-001 applied. This security update contains fixes for the following products : - Apache - bzip2 - ClamAV - ImageIO - Kerberos - Libinfo - libxml - Mailman - PHP - QuickLook - Ruby - X11" ); script_set_attribute( attribute:"see_also", value:"http://support.apple.com/kb/HT4581" ); script_set_attribute( attribute:"see_also", value:"http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html" ); script_set_attribute( attribute:"solution", value:"Install Security Update 2011-001 or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2010/06/11"); script_set_attribute(attribute:"patch_publication_date", value:"2011/03/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2011/03/22"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x"); script_set_attribute(attribute:"stig_severity", value:"II"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"MacOS X Local Security Checks"); script_copyright(english:"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/MacOSX/packages", "Host/uname"); exit(0); } uname = get_kb_item("Host/uname"); if (!uname) exit(0, "The 'Host/uname' KB item is missing."); pat = "^.+Darwin.* ([0-9]+\.[0-9.]+).*$"; if (!ereg(pattern:pat, string:uname)) exit(0, "Can't identify the Darwin kernel version from the uname output ("+uname+")."); darwin = ereg_replace(pattern:pat, replace:"\1", string:uname); if (ereg(pattern:"^9\.[0-8]\.", string:darwin)) { packages = get_kb_item("Host/MacOSX/packages/boms"); if (!packages) exit(1, "The 'Host/MacOSX/packages/boms' KB item is missing."); if (egrep(pattern:"^com\.apple\.pkg\.update\.security\.(2011\.00[1-9]\|201[2-9]\.[0-9]+)(\.leopard)?\.bom", string:packages)) exit(0, "The host has Security Update 2011-001 or later installed and therefore is not affected."); else security_hole(0); } else exit(0, "The host is running Darwin kernel version "+darwin+" and therefore is not affected.");

Summary

Vulnerable Configurations

Nessus

References