Debian Clamav vulnerabilities

167 known vulnerabilities affecting debian/clamav.

Total CVEs: 167
CISA KEV: 0
Public exploits: 8
Exploited in wild: 0
Severity breakdown: CRITICAL 19, HIGH 41, MEDIUM 74, LOW 33

Vulnerabilities

Page 9 of 9

CVE-2005-2070 | MEDIUM | CVSS 5.0 | fixed in clamav 0.86.1 (bookworm) | 2005
CVE-2005-2070 [MEDIUM] clamav: The ClamAV Mail fILTER (clamav-milter) 0.84 through 0.85d, when used in Sendmail using long timeouts, allows remote attackers to cause a denial of service by keeping an open connection, which prevents ClamAV from reloading.
Scope: local
bookworm: resolved (fixed in 0.86.1); bullseye: resolved (fixed in 0.86.1); forky: resolved (fixed in 0.86.1); sid: resolved (fixed in

CVE-2005-1922 | LOW | CVSS 5.0 | fixed in clamav 0.86.1-1 (bookworm) | 2005
CVE-2005-1922 [MEDIUM] clamav: The MS-Expand file handling in Clam AntiVirus (ClamAV) before 0.86 allows remote attackers to cause a denial of service (file descriptor and memory consumption) via a crafted file that causes repeated errors in the cli_msexpand function.
Scope: local
bookworm: resolved (fixed in 0.86.1-1); bullseye: resolved (fixed in 0.86.1-1); forky: resolved (fixed in 0.86.1-1); sid:

CVE-2005-3229 | LOW | CVSS 5.1 | 2005
CVE-2005-3229 [MEDIUM] clamav: Multiple interpretation error in unspecified versions of ClamAV Antivirus allows remote attackers to bypass virus detection via a malicious executable in a specially crafted RAR file with malformed central and local headers, which can still be opened by products such as Winrar and PowerZip, even though they are rejected as corrupted by Winzip and BitZipper.
Scope: lo

CVE-2004-1876 | MEDIUM | CVSS 4.6 | fixed in clamav 0.70-1 (bookworm) | 2004
CVE-2004-1876 [MEDIUM] clamav: The "%f" feature in the VirusEvent directive in Clam AntiVirus daemon (clamd) before 0.70 allows local users to execute arbitrary commands via shell metacharacters in a file name.
Scope: local
bookworm: resolved (fixed in 0.70-1); bullseye: resolved (fixed in 0.70-1); forky: resolved (fixed in 0.70-1); sid: resolved (fixed in 0.70-1); trixie: resolved (fixed in 0.70-1)

CVE-2004-0270 | MEDIUM | CVSS 5.0 | PoC | fixed in clamav 0.80 (bookworm) | 2004
CVE-2004-0270 [MEDIUM] clamav: libclamav in Clam AntiVirus 0.65 allows remote attackers to cause a denial of service (crash) via a uuencoded e-mail message with an invalid line length (e.g., a lowercase character), which causes an assert error in clamd that terminates the calling program.
Scope: local
bookworm: resolved (fixed in 0.80); bullseye: resolved (fixed in 0.80); forky: resolved (fixed in 0

CVE-2004-1909 | LOW | CVSS 2.6 | fixed in clamav 0.68.1 (bookworm) | 2004
CVE-2004-1909 [LOW] clamav: Clam Anti-Virus (ClamAV) 0.68 and earlier allows remote attackers to cause a denial of service (crash) via certain RAR archives, such as those generated by the Beagle/Bagle worm.
Scope: local
bookworm: resolved (fixed in 0.68.1); bullseye: resolved (fixed in 0.68.1); forky: resolved (fixed in 0.68.1); sid: resolved (fixed in 0.68.1); trixie: resolved (fixed in 0.68.1)

CVE-2003-0946 | HIGH | CVSS 7.5 | fixed in clamav 0.65 (bookworm) | 2003
CVE-2003-0946 [HIGH] clamav: Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL FROM" command.
Scope: local
bookworm: resolved (fixed in 0.65); bullseye: resolved (fixed in 0.65