Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1989

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2006-1989
Last Modified 07 Mar 2011 09:34:45
Published 01 May 2006 03:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-1989

Summary

Buffer overflow in the get_database function in the HTTP client in Freshclam in ClamAV 0.80 to 0.88.1 might allow remote web servers to execute arbitrary code via long HTTP headers.

Vulnerable Systems

Application

  • Clam Anti-virus Clamav 0.88

  • Clam Anti-virus Clamav 0.88.1


References

CERT-VN - VU#599220

BID - 17754

SECUNIA - 19880

VUPEN - ADV-2006-2566

VUPEN - ADV-2006-1586

TRUSTIX - 2006-0024

OSVDB - 25120

SUSE - SUSE-SA:2006:025

GENTOO - GLSA-200605-03

DEBIAN - DSA-1050

CONFIRM - http://www.clamav.net/security/0.88.2.html

SECUNIA - 20159

SECUNIA - 20117

SECUNIA - 19964

SECUNIA - 19963

SECUNIA - 19912

SECUNIA - 19874

SUSE - SUSE-SR:2006:010

APPLE - APPLE-SA-2006-06-27

CONFIRM - http://kolab.org/security/kolab-vendor-notice-09.txt

XF - clamav-freshclam-http-bo(26182)

MANDRIVA - MDKSA-2006:080

SECTRACK - 1016392

SECUNIA - 20877

Related Patches

Apple 2006-06-27 Mac OS X Server Update 10.4.7 Combo (PPC) (Rev 3)

Apple 2006-06-27 Mac OS X Server Update 10.4.7 (PPC) (Rev 3)


Last Updated: 27 May 2016 10:42:16