RE: Sophos Antivirus Library Remote Heap Overflow Aug 27 2005 05:09AM
Dowling, Gabrielle (dowlingg sullcrom com)
Sophos has had a fix for since August 5th...

http://www.sophos.com/support/knowledgebase/article/3409.htmlj. The

vulnerability was also publicly discussed prior to that time.


-----Original Message-----

From: list (at) rem0te (dot) com [email concealed] [mailto:list (at) rem0te (dot) com [email concealed]]

Sent: Friday, August 26, 2005 8:36 AM

To: full-disclosure (at) lists.grok.org (dot) uk [email concealed]; bugtraq (at) securityfocus (dot) com [email concealed]

Subject: Sophos Antivirus Library Remote Heap Overflow


August 26, 2005


The Sophos Antivirus Library provides file format support for virus

analysis. During analysis of Visio files Sophos is vulnerable to a heap

overflow allowing attackers complete control of the system(s) being

protected. This vulnerability can be exploited remotely without user

interaction or authentication through common protocols such as SMTP,

SMB, HTTP, FTP, etc.


Successful exploitation of Sophos protected systems allows attackers

unauthorized control of data and related privileges. It also provides

leverage for further network compromise. Sophos Antivirus Library

implementations are likely vulnerable in their default configuration.

Affected Products

Sophos Antivirus for Windows 2000/XP/2003

Sophos Antivirus for Windows NT

Sophos Antivirus for Mac OS X

Sophos Antivirus for MAC 8/9

Sophos Antivirus for UNIX/Linux

Sophos Antivirus for Netware

Sophos Antivirus for OS/2

Sophos Antivirus for OpenVMS

Sophos Antivirus for DOS/Windows 3.1x

Sophos Antivirus Small Business Edition for Windows

Sophos Antivirus Small Business Edition for Mac

PureMessage Small Business Edition

PureMessage for Windows/Exchange

PureMessage for UNIX

MailMonitor for SMTP - Windows

MailMonitor for Notes/Domino

MailMonitor for Exchange

The Sophos Antivirus Library is also OEM by over 25 other vendors with

products that are affected by this vulnerability; see the following link

for a list. There are also several vendors not listed that OEM the

Sophos Antivirus Library. Refer to Sophos or your vendor for specifics.



This vulnerability was discovered and researched by Alex Wheeler.


security (at) rem0te (dot) com [email concealed]




This e-mail is sent by a law firm and contains information that may be

privileged and confidential. If you are not the intended recipient,

please delete the e-mail and notify us immediately.

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus