Sophos.Anti-Virus.Zip.File.Handling.DoS
Description
This indicates a possible exploit of a denial of service vulnerability in Sophos Anti-Virus.
The issue exists because the software fails to adequately sanitize 'Extra field length' values contained in BZip2 archives. This vulnerability may be exploited to deny service to legitimate users.
Attackers may leverage this issue to prevent the software from completing scans of files received after an attack, which may allow the attacker to bypass Anti-Virus scans.
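An added example, not code from this advisory or from the vendor: the kind of length validation the description says was missing. It assumes the 'Extra field length' in question is the one in a ZIP local file header (where compression method 12 denotes bzip2); the function names and the sample archive bytes are constructed for illustration.

```python
import struct

LOCAL_SIG = b"PK\x03\x04"   # ZIP local file header signature
FIXED_LEN = 30              # fixed part of the local file header
METHOD_BZIP2 = 12           # ZIP compression method id for bzip2

def extra_problem(extra):
    """Check the (header id, size, data) records inside one extra field."""
    p = 0
    while p < len(extra):
        if len(extra) - p < 4:
            return "extra field ends inside a record header"
        _hid, size = struct.unpack_from("<HH", extra, p)
        if p + 4 + size > len(extra):
            return "extra record size %d overruns extra field" % size
        p += 4 + size       # always advances by at least 4 bytes
    return None

def check_local_headers(data):
    """Return [(offset, problem)] for the local file headers in data."""
    problems, pos = [], 0
    while data[pos:pos + 4] == LOCAL_SIG:
        if len(data) - pos < FIXED_LEN:
            return problems + [(pos, "truncated local file header")]
        (_ver, flags, _method, _time, _date, _crc, csize, _usize,
         name_len, extra_len) = struct.unpack_from("<HHHHHIIIHH", data, pos + 4)
        extra_at = pos + FIXED_LEN + name_len
        left = len(data) - extra_at          # bytes present after the file name
        if left < 0:
            return problems + [(pos, "file name length exceeds archive")]
        if extra_len > left:                 # declared length vs. real bytes
            return problems + [(pos, "extra field length %d exceeds %d bytes left"
                                % (extra_len, left))]
        inner = extra_problem(data[extra_at:extra_at + extra_len])
        if inner:
            problems.append((pos, inner))
        if flags & 0x08:                     # sizes follow the data: stop here
            break
        if csize > left - extra_len:
            return problems + [(pos, "compressed size exceeds archive")]
        pos = extra_at + extra_len + csize   # strictly forward (>= 30 bytes)
    return problems

def make_entry(name, extra, payload, extra_len=None):
    """Build one constructed local header + payload (sample input only)."""
    declared = len(extra) if extra_len is None else extra_len
    hdr = struct.pack("<4sHHHHHIIIHH", LOCAL_SIG, 46, 0, METHOD_BZIP2, 0, 0, 0,
                      len(payload), len(payload), len(name), declared)
    return hdr + name + extra + payload
```

Every declared length is compared with the bytes actually present before it is used, and the cursor only ever moves forward, so a hostile length value ends the walk with a finding instead of stalling the scanner.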
Affected Products
Sophos Small Business Suite 1.0
Sophos PureMessage Anti-Virus 4.6
Sophos MailMonitor for SMTP 2.1
Sophos MailMonitor for SMTP 2.0
Sophos MailMonitor for Notes/Domino
Sophos Anti-Virus 5.0.1
Sophos Anti-Virus 3.91
Sophos Anti-Virus 3.90
Sophos Anti-Virus 3.86
Sophos Anti-Virus 3.85
Sophos Anti-Virus 3.84
Sophos Anti-Virus 3.83
Sophos Anti-Virus 3.82
Sophos Anti-Virus 3.81
Sophos Anti-Virus 3.80
Sophos Anti-Virus 3.79
Sophos Anti-Virus 3.78 d
Sophos Anti-Virus 3.78
Sophos Anti-Virus 3.4.6
Impact
Denial of service, system compromise.
Recommended Actions
Apply the appropriate update for your system, available from the Sophos Technical Support Web page.
http://www.sophos.com/support/