www.itnews.com.au
Open in
urlscan Pro
203.176.102.69
Public Scan
URL:
https://www.itnews.com.au/news/clamav-vulnerability-hits-cisco-security-software-591013
Submission: On February 21 via api from TR — Scanned from AU
Submission: On February 21 via api from TR — Scanned from AU
Form analysis 1 forms found in the DOM
POST /news/clamav-vulnerability-hits-cisco-security-software-591013
<form id="frm-login" action="/news/clamav-vulnerability-hits-cisco-security-software-591013" method="post">
<h3 class="section-header"><span>Log In</span></h3>
<div id="login-form-register"><a href="/register">Don't have an account? Register now!</a></div>
<div id="login-validation"></div>
<div id="login-response"></div>
<div class="form-label email-login">Email:</div>
<div class="form-input"><input id="username" name="username" type="text" required=""></div>
<div class="form-label password-login">Password:</div>
<div class="form-input"><input id="password" name="password" type="password" required=""></div>
<div class="row form-checkbox">
<input id="rememberMe" name="rememberMe" type="checkbox"><label for="rememberMe">Remember me</label><span> | <a href="/forgot" title="Forgot your password?">Forgot your password?</a></span>
</div>
</form>Text Content
Latest News COLES EYES SECOND CHAPTER FOR 'SMARTER SELLING' MEET THE SUSTAINABILITY FINALISTS IN THE 2023 ITNEWS BENCHMARK AWARDS META SUPPORTS PUBLISHING INDUSTRY DRAFT CODES TPG TELECOM WANTS YEARLY NBN PRICE RISES BLOCKED RETAILER BEST&LESS PREPARES TECHNOLOGY REFRESH * Australia Edition * Asia Edition LOG IN SUBSCRIBE Search BUSINESS CLOUD DATA CENTRE EDUCATION FINANCE HARDWARE HEALTHCARE INDUSTRIAL NETWORKING PROJECTS SOFTWARE STORAGE STRATEGY TECHNOLOGY TELCO/ISP State of Sustainability State of Security State of IT Focal Points MEDIA HUB PARTNER CONTENT PARTNER HUBS RESEARCH * NEWS * GOVERNMENT * SECURITY * REPORTS * RESOURCES * PODCAST * BENCHMARKS * SPOTLIGHT NEWS BUSINESS CLOUD DATA CENTRE EDUCATION FINANCE HARDWARE HEALTHCARE INDUSTRIAL NETWORKING PROJECTS SOFTWARE STORAGE STRATEGY TECHNOLOGY TELCO/ISP GOVERNMENT SECURITY REPORTS State of Sustainability State of Security State of IT RESOURCES Focal Points MEDIA HUB PARTNER CONTENT PARTNER HUBS RESEARCH PODCAST BENCHMARKS SPOTLIGHT Australia Edition Asia Edition LOG IN Email: Password: Remember me | Forgot password? Don't have an account? Register now! * Home * News * Technology * Security CLAMAV VULNERABILITY HITS CISCO SECURITY SOFTWARE By Richard Chirgwin on Feb 17, 2023 7:00AM REMOTE CODE EXECUTION BUG PATCHED. Cisco has revealed that a vulnerability discovered in the open source ClamAV antivirus scanning engine affects some of its security products. The bug, CVE-2023-20032, was patched on Wednesday by ClamAV’s maintainers. “A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code," ClamAV’s advisory stated. Cisco’s advisory elaborated by stating that “this vulnerability is due to a missing buffer size check that may result in a heap buffer overflow write." "An attacker could exploit this vulnerability by submitting a crafted HFS+ partition file to be scanned by ClamAV on an affected device," Cisco said. "A successful exploit could allow the attacker to execute arbitrary code with the privileges of the ClamAV scanning process, or else crash the process, resulting in a denial of service (DoS) condition.” AdChoices ADVERTISING Cisco uses ClamAV in its Secure Endpoint (formerly Advanced Malware Protection for Endpoints) for Windows, MacOS, and Windows; its Secure Endpoint Private Cloud; and its Secure Web Appliance products. Fixes have been published for all products. The networking giant also announced that its Nexus Dashboard has been patched to fix a denial-of-service vulnerability, CVE-2023-20014, in its DNS request handling. “An attacker could exploit this vulnerability by sending a continuous stream of DNS requests to an affected device," Cisco said. "A successful exploit could allow the attacker to cause the coredns service to stop working or cause the device to reload, resulting in a DoS condition.” Got a news tip for our journalists? Share it with us anonymously here. Copyright © iTnews.com.au . All rights reserved. Tags: ciscoclamavsecurity PARTNER CONTENT Partner Content From digital transformation to digital acceleration Partner Content How digital transformation and edge computing can help your small and medium-sized business Partner Content Software automation helps envirotech company Envirosuite Partner Content Harnessing sustainable technologies to drive business growth SPONSORED WHITEPAPERS 2023 Tech Forecast: Build a recession-proof tech workforce Technology Skill Development | The strategy for building better teams Perspecitves on technology skill development State of Upskilling | 2022 Retrospective Business Case for Upskilling EVENTS * Future of Field Service Live Tour 2023 * 9th Annual Aus Government Data Summit * IoT Impact Conference * IoT Awards 2022 By Richard Chirgwin Feb 17 2023 7:00AM 0 Comments RELATED ARTICLES * Gov to close long-running telco metadata loophole * Vic gov to set up cyber defence centre and hubs * German airport websites hit by suspected cyber attack * Intel patches dozens of bugs MOST READ ARTICLES GOV SEES 47 MANDATORY CYBER INCIDENT REPORTS IN NINE MONTHS BUNNINGS AND KMART FACIAL RECOGNITION PROBE SET TO FINISH BY JULY VIC GOV TO SET UP CYBER DEFENCE CENTRE AND HUBS MICROSOFT PATCHES THREE EXPLOITED ZERO-DAYS Please enable JavaScript to view the comments powered by Disqus. DIGITAL NATION Case study: Transurban uses automation to detect road incidents Meta threatens to take news off its platform in the US. Yep, we're here again Case Study: How HCF reengaged its customers through data and analytics Cover Story: The business of gaming will reshape marketing, technology Case study: How La Trobe University sets its data students up for success Sponsored Links * How Wyldlynx is protecting clients from the dangers of hidden data * Software automation helps envirotech company Envirosuite MOST POPULAR TECH STORIES * COVER STORY: THE BUSINESS OF GAMING WILL RESHAPE MARKETING, TECHNOLOGY TRUST AND ETHICS DROP NATIONALLY: GOVERNANCE INSTITUTE OF AUSTRALIA CASE STUDY: HOW HCF REENGAGED ITS CUSTOMERS THROUGH DATA AND ANALYTICS DIGITAL ADVERTISING ADDS $94B TO GDP: IAB AUSTRALIA STATE OF SECURITY 2022 * WHO PARTIED WITH CRN AT THE CALI BEACH CLUB IN THE GOLD COAST? CITRIX LAUNCHES SIMPLIFIED PARTNER PROGRAM PARTNERS JOIN INGRAM MICRO, VERTIV FOR COOKING LESSONS AUSSIE CHANNEL CONVERGE AT THE GOLD COAST FOR CRN PIPELINE 2022 IN THE LOW-LATENCY CLOUD ERA, CONNECTIVITY MAKES ALL THE DIFFERENCE * RIGHT TO REPAIR: LARGE SCALE IT BUYERS CAN INFLUENCE PRODUCT DESIGN... AND THEY SHOULD SHIVERING IN SUMMER? SWEATING IN WINTER? YOUR BUILDING IS LIVING A LIE BUILDING A MODERN WORKPLACE FOR A REMOTE WORKFORCE VENOM BLACKBOOK ZERO 15 PHANTOM HOW LONG WILL A UPS KEEP YOUR COMPUTERS ON IF THE LIGHTS GO OUT? * SIEMENS AND SWINBURNE UNIVERSITY OF TECHNOLOGY PLAN $5.2 MILLION 'ENERGY TRANSITION HUB" ERICSSON, TELSTRA PURPLE TAKE 5G UNDERGROUND WITH NEWCREST THINXTRA SEEKS IT CHANNEL PARTNERS LEADING EDGE DATA CENTRES LAUNCHES REGIONAL CLOUD SERVICES ANZSTA AWARDS NIGHT PHOTOS Contact Us About Us Feedback Advertise Newsletter Archive Site Map RSS © 2023 nextmedia Pty Ltd. OTHER TECH SITES: BIT | CRN Australia | Digital Nation | IoT Hub All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation. Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions. Powered By Accept By using our site you accept that we use and share cookies and similar technologies to perform analytics and provide content and ads tailored to your interests. By continuing to use our site, you consent to this. Please see our Cookie Policy for more information. Close LOG IN Don't have an account? Register now! Email: Password: Remember me | Forgot your password? Log InCancel