[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Sophos Antivirus Library Remote Heap Overflow
From:       list () rem0te ! com
Date:       2005-08-26 12:36:01
Message-ID: W593719675151211125059761 () webmail2
[Download RAW message or body]

Date
August 26, 2005

Vulnerability
The Sophos Antivirus Library provides file format support for virus analysis. During \
analysis of Visio files Sophos is vulnerable to a heap overflow allowing attackers \
complete control of the system(s) being protected. This vulnerability can be \
exploited remotely without user interaction or authentication through common \
protocols such as SMTP, SMB, HTTP, FTP, etc. 

Impact
Successful exploitation of Sophos protected systems allows attackers unauthorized \
control of data and related privileges. It also provides leverage for further network \
compromise. Sophos Antivirus Library implementations are likely vulnerable in their \
default configuration.

Affected Products
Sophos Antivirus for Windows 2000/XP/2003
Sophos Antivirus for Windows NT
Sophos Antivirus for Mac OS X
Sophos Antivirus for MAC 8/9
Sophos Antivirus for UNIX/Linux
Sophos Antivirus for Netware
Sophos Antivirus for OS/2
Sophos Antivirus for OpenVMS
Sophos Antivirus for DOS/Windows 3.1x
Sophos Antivirus Small Business Edition for Windows
Sophos Antivirus Small Business Edition for Mac
PureMessage Small Business Edition 
PureMessage for Windows/Exchange
PureMessage for UNIX
MailMonitor for SMTP – Windows
MailMonitor for Notes/Domino
MailMonitor for Exchange

The Sophos Antivirus Library is also OEM by over 25 other vendors with products that \
are affected by this vulnerability; see the following link for a list. There are also \
several vendors not listed that OEM the Sophos Antivirus Library. Refer to Sophos or \
your vendor for specifics.

http://www.sophos.com/partners/oem/

Credit
This vulnerability was discovered and researched by Alex Wheeler.

Contact
security@rem0te.com 

Details
http://www.rem0te.com/public/images/sophos.pdf


[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic