I'n Blog 之萬象真藏

A most serious, easily exploitable vulnerability in ClamAV versions prior to 0.91.2, recently released, could allow an attacker to compromise a system by sending an e-mail to it.

The issue is in clamav-milter, the sendmail plug-in for the anti-virus, which scans e-mail as it comes into the server. Clamav-milter doesn't properly sanitize user input. It is possible to inject shell code in the server by sending an e-mail with a specially malformed recipient field.

There are no reports of real-world exploits using this vulnerability.

Posted by Larry Seltzer on August 25, 2007 2:13 PM

http://blogs.eweek.com/cheap_hack/content/security_software/sendmail_users_update_clamav_now.html