FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

clamav -- Multipart Nestings Denial of Service

Affected packages
clamav < 0.88.7
clamav-devel <= 20061029

Details

VuXML ID eb5124a4-8a20-11db-b033-00123ffe8333
Discovery 2006-12-06
Entry 2006-12-12
Modified 2013-06-19

Secunia reports:

Clam AntiVirus have a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a stack overflow when scanning messages with deeply nested multipart content. This can be exploited to crash the service by sending specially crafted emails to a vulnerable system.

References

CVE Name CVE-2006-6481
URL http://secunia.com/advisories/23347/
URL http://www.quantenblog.net/security/virus-scanner-bypass