Back to list
RE: Sophos Antivirus Library Remote Heap Overflow
Aug 27 2005 05:09AM
Dowling, Gabrielle (dowlingg sullcrom com)
Sophos has had a fix for since August 5th...
vulnerability was also publicly discussed prior to that time.
From: list (at) rem0te (dot) com [email concealed] [mailto:list (at) rem0te (dot) com [email concealed]]
Sent: Friday, August 26, 2005 8:36 AM
To: full-disclosure (at) lists.grok.org (dot) uk [email concealed]; bugtraq (at) securityfocus (dot) com [email concealed]
Subject: Sophos Antivirus Library Remote Heap Overflow
August 26, 2005
The Sophos Antivirus Library provides file format support for virus
analysis. During analysis of Visio files Sophos is vulnerable to a heap
overflow allowing attackers complete control of the system(s) being
protected. This vulnerability can be exploited remotely without user
interaction or authentication through common protocols such as SMTP,
SMB, HTTP, FTP, etc.
Successful exploitation of Sophos protected systems allows attackers
unauthorized control of data and related privileges. It also provides
leverage for further network compromise. Sophos Antivirus Library
implementations are likely vulnerable in their default configuration.
Sophos Antivirus for Windows 2000/XP/2003
Sophos Antivirus for Windows NT
Sophos Antivirus for Mac OS X
Sophos Antivirus for MAC 8/9
Sophos Antivirus for UNIX/Linux
Sophos Antivirus for Netware
Sophos Antivirus for OS/2
Sophos Antivirus for OpenVMS
Sophos Antivirus for DOS/Windows 3.1x
Sophos Antivirus Small Business Edition for Windows
Sophos Antivirus Small Business Edition for Mac
PureMessage Small Business Edition
PureMessage for Windows/Exchange
PureMessage for UNIX
MailMonitor for SMTP - Windows
MailMonitor for Notes/Domino
MailMonitor for Exchange
The Sophos Antivirus Library is also OEM by over 25 other vendors with
products that are affected by this vulnerability; see the following link
for a list. There are also several vendors not listed that OEM the
Sophos Antivirus Library. Refer to Sophos or your vendor for specifics.
This vulnerability was discovered and researched by Alex Wheeler.
security (at) rem0te (dot) com [email concealed]
This e-mail is sent by a law firm and contains information that may be
privileged and confidential. If you are not the intended recipient,
please delete the e-mail and notify us immediately.
[ reply ]
Copyright 2010, SecurityFocus