Launchpad.net

CVE 2006-6406

Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to bypass virus detection by inserting invalid characters into base64 encoded content in a multipart/mixed MIME file, as demonstrated with the EICAR test file.

Related bugs and status

CVE-2006-6406 (Candidate) is related to these bugs:

Bug #76374: MIME bypass

		In	Importance	Status
76374	MIME bypass	clamav (Ubuntu)	High	Fix Released
76374	MIME bypass	clamav (Ubuntu Feisty)	High	Fix Released
76374	MIME bypass	clamav (Ubuntu Dapper)	Undecided	Fix Released
76374	MIME bypass	clamav (Ubuntu Edgy)	Undecided	Fix Released

Bug #83065: Please backport clamav 0.88.7-1ubuntu1 to edgy from feisty

Summary				In	Importance	Status
	83065	Please backport clamav 0.88.7-1ubuntu1 to edgy from feisty		Edgy Backports	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.quantenblog...
BID: 21461
SECUNIA: 23362
CONFIRM: http://kolab.org/secur...
DEBIAN: DSA-1238
SUSE: SUSE-SA:2006:078
SECUNIA: 23460
SECUNIA: 23379
SECUNIA: 23411
MANDRIVA: MDKSA-2006:230
VUPEN: ADV-2006-5113
VUPEN: ADV-2006-4948
BUGTRAQ: 20061206 Multiple Vend...