In association with heise online

11 July 2008, 09:32

DoS vulnerability in Sophos antivirus products

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Antivirus software vendor Sophos has reported the discovery of a DoS vulnerability in some of its products. According to the security advisory, specially crafted attachments to emails can bring down Sophos E-mail Appliance, Pure Message for UNIX and Sophos Anti-Virus Interface (SAVI). For the attack to succeed, the MIME attachment has to have a length of zero. Sophos says that only Linux/UNIX installations are affected.

Apparently, the flaw only turned up after the recent July update – signature version 4.31 and engine 2.75. The flaw has already been updated in SAVI with new virus signatures. Sophos has reactivated the old updates – 4.30 and 2.7 – for Appliance and Pure Message, respectively, and is now working to fix the underlying flaw in the engine. The vendor will then release a new update.

See also:

* Unexpected terminations of selected Sophos products by zero-byte MIME attachments, Error report from Sophos


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit