VULHUB ™

It has been reported that ClamAV may be prone to an arbitrary command execution vulnerability that may allow a local attacker to execute arbitrary commands in the context of the root user. The issue presents itself when the 'VirusEvent' directive in the 'clamav.conf' configuration file has been enabled and the 'Dazuko' module is used with the antivirus software. Although unconfirmed, all versions of the application are assumed to vulnerable at the moment. This information will be updated as more details become available.

It has been reported that ClamAV may be prone to an arbitrary command execution vulnerability that may allow a local attacker to execute arbitrary commands in the context of the root user. The issue presents itself when the 'VirusEvent' directive in the 'clamav.conf' configuration file has been enabled and the 'Dazuko' module is used with the antivirus software. Although unconfirmed, all versions of the application are assumed to vulnerable at the moment. This information will be updated as more details become available.