Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2006-6406

Published: 10/12/2006 Updated: 17/10/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Subscribe to Clam Anti-virus

Vulnerability Summary

Clam AntiVirus (ClamAV) 0.88.6 allows remote malicious users to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.

Vulnerable Product Search on Vulmon Subscribe to Product

clam anti-virus clamav 0.88.6

Vendor Advisories

Debian CVElist Bug Report Logs: Unusual MIME Encoding Content Filter Bypass
Debian Bug report logs - #401873 Unusual MIME Encoding Content Filter Bypass Package: clamav; Maintainer for clamav is ClamAV Team <pkg-clamav-devel@listsaliothdebianorg>; Source for clamav is src:clamav (PTS, buildd, popcon) Reported by: Hendrik Weimer <hendrik@enyode> Date: Wed, 6 Dec 2006 14:48:08 UTC Severi ...
Debian CVElist Bug Report Logs: Multipart Nesting Denial of Service
Debian Bug report logs - #401874 Multipart Nesting Denial of Service Package: clamav; Maintainer for clamav is ClamAV Team <pkg-clamav-devel@listsaliothdebianorg>; Source for clamav is src:clamav (PTS, buildd, popcon) Reported by: Hendrik Weimer <hendrik@enyode> Date: Wed, 6 Dec 2006 14:48:14 UTC Severity: impo ...
Debian Security Advisories: DSA-1238-1 clamav -- several vulnerabilities
Several remote vulnerabilities have been discovered in the Clam anti-virus toolkit The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-6406 Hendrik Weimer discovered that invalid characters in base64 encoded data may lead to bypass of scanning mechanisms CVE-2006-6481 Hendrik Weimer discovered ...

References

NVD-CWE-Otherhttp://www.quantenblog.net/security/virus-scanner-bypasshttp://www.securityfocus.com/bid/21461http://secunia.com/advisories/23362http://kolab.org/security/kolab-vendor-notice-14.txthttp://www.debian.org/security/2006/dsa-1238http://www.novell.com/linux/security/advisories/2006_78_clamav.htmlhttp://secunia.com/advisories/23460http://secunia.com/advisories/23379http://secunia.com/advisories/23411http://www.mandriva.com/security/advisories?name=MDKSA-2006:230http://www.vupen.com/english/advisories/2006/4948http://www.vupen.com/english/advisories/2006/5113http://www.securityfocus.com/archive/1/453654/100/0/threadedhttps://nvd.nist.govhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=401873https://www.debian.org/security/./dsa-1238
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook