ID de Prueba:	1.3.6.1.4.1.25623.1.0.57719
Categoría:	Mandrake Local Security Checks
Título:	Mandrake Security Advisory MDKSA-2006:230 (clamav)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to clamav announced via advisory MDKSA-2006:230. The latest version of ClamAV, 0.88.7, fixes some bugs, including vulnerabilities with handling base64-encoded MIME attachment files that can lead to either a) a crash (CVE-2006-5874), or b) a bypass of virus detection (CVE-2006-6406). As well, a vulnerability was discovered that allows remote attackers to cause a stack overflow and application crash by wrapping many layers of multipart/mixed content around a document (CVE-2006-6481). The latest ClamAV is being provided to address these issues. Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDKSA-2006:230 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2006-5874 BugTraq ID: 21510 http://www.securityfocus.com/bid/21510 Debian Security Information: DSA-1232 (Google Search) http://www.debian.org/security/2006/dsa-1232 http://www.mandriva.com/security/advisories?name=MDKSA-2006:230 http://secunia.com/advisories/23327 http://secunia.com/advisories/23362 http://secunia.com/advisories/23411 SuSE Security Announcement: SUSE-SA:2006:078 (Google Search) http://www.novell.com/linux/security/advisories/2006_78_clamav.html Common Vulnerability Exposure (CVE) ID: CVE-2006-6406 BugTraq ID: 21461 http://www.securityfocus.com/bid/21461 Bugtraq: 20061206 Multiple Vendor Unusual MIME Encoding Content Filter Bypass (Google Search) http://www.securityfocus.com/archive/1/453654/100/0/threaded Debian Security Information: DSA-1238 (Google Search) http://www.debian.org/security/2006/dsa-1238 http://www.quantenblog.net/security/virus-scanner-bypass http://secunia.com/advisories/23379 http://secunia.com/advisories/23460 http://www.vupen.com/english/advisories/2006/4948 http://www.vupen.com/english/advisories/2006/5113 Common Vulnerability Exposure (CVE) ID: CVE-2006-6481 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html BugTraq ID: 21609 http://www.securityfocus.com/bid/21609 http://security.gentoo.org/glsa/glsa-200612-18.xml http://osvdb.org/31283 http://secunia.com/advisories/23347 http://secunia.com/advisories/23404 http://secunia.com/advisories/23417 http://secunia.com/advisories/29420 http://www.trustix.org/errata/2006/0072/ http://www.vupen.com/english/advisories/2008/0924/references
Copyright	Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.