Intrusion PreventionClamAV.Mail.Filter.Crafted.Recipient.Command.Execution
Description
This indicates an attack attempt against a remote command-execution vulnerability in ClamAV.
A vulnerability has been reported in ClamAV that may allow an attacker to execute shell commands on a vulnerable system. This is possible because the user input filters fail to properly sanitize the SMTP command. An attacker may include shell commands by supplying an injection string through a crafted request.
Affected Products
Clam Anti-Virus ClamAV 0.91.1
Clam Anti-Virus ClamAV 0.91
Clam Anti-Virus ClamAV 0.90.3
Clam Anti-Virus ClamAV 0.90.2
Clam Anti-Virus ClamAV 0.90.1
Clam Anti-Virus ClamAV 0.90
Clam Anti-Virus ClamAV 0.88.6
Clam Anti-Virus ClamAV 0.88.5
Clam Anti-Virus ClamAV 0.88.4
Clam Anti-Virus ClamAV 0.88.3
Clam Anti-Virus ClamAV 0.88.2
Clam Anti-Virus ClamAV 0.88.1
Clam Anti-Virus ClamAV 0.87.1
Clam Anti-Virus ClamAV 0.87 -1
Clam Anti-Virus ClamAV 0.87
Clam Anti-Virus ClamAV 0.86.2
Clam Anti-Virus ClamAV 0.86 .1
Clam Anti-Virus ClamAV 0.86
Clam Anti-Virus ClamAV 0.85.1
Clam Anti-Virus ClamAV 0.85
Clam Anti-Virus ClamAV 0.84 rc2
Clam Anti-Virus ClamAV 0.84 rc1
Clam Anti-Virus ClamAV 0.84
Clam Anti-Virus ClamAV 0.83
Clam Anti-Virus ClamAV 0.82
Clam Anti-Virus ClamAV 0.81
Clam Anti-Virus ClamAV 0.80 rc4
Clam Anti-Virus ClamAV 0.80 rc3
Clam Anti-Virus ClamAV 0.80 rc2
Clam Anti-Virus ClamAV 0.80 rc1
Clam Anti-Virus ClamAV 0.80
Clam Anti-Virus ClamAV 0.75.1
Clam Anti-Virus ClamAV 0.70
Clam Anti-Virus ClamAV 0.68 -1
Clam Anti-Virus ClamAV 0.68
Clam Anti-Virus ClamAV 0.67
Clam Anti-Virus ClamAV 0.65
Clam Anti-Virus ClamAV 0.60
Clam Anti-Virus ClamAV 0.54
Clam Anti-Virus ClamAV 0.53
Clam Anti-Virus ClamAV 0.52
Clam Anti-Virus ClamAV 0.51
Impact
System Compromise: Remote attackers can gain control of the vulnerable system.
Recommended Actions
Upgrade to the latest version, available from the following web site:
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 15063 |
| Created | Oct 11, 2007 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2007-4560 |
| Exploit Prediction Score | 96.53% |
| Default Action | drop |
| Active | |
| Affected OS | All |
| Affected App | Other |