lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <W593719675151211125059761@webmail2>
Date: Fri Aug 26 13:36:10 2005
From: list at rem0te.com (list@...0te.com)
Subject: Sophos Antivirus Library Remote Heap Overflow

Date
August 26, 2005

Vulnerability
The Sophos Antivirus Library provides file format support for virus analysis. During analysis of Visio files Sophos is vulnerable to a heap overflow allowing attackers complete control of the system(s) being protected. This vulnerability can be exploited remotely without user interaction or authentication through common protocols such as SMTP, SMB, HTTP, FTP, etc. 

Impact
Successful exploitation of Sophos protected systems allows attackers unauthorized control of data and related privileges. It also provides leverage for further network compromise. Sophos Antivirus Library implementations are likely vulnerable in their default configuration.

Affected Products
Sophos Antivirus for Windows 2000/XP/2003
Sophos Antivirus for Windows NT
Sophos Antivirus for Mac OS X
Sophos Antivirus for MAC 8/9
Sophos Antivirus for UNIX/Linux
Sophos Antivirus for Netware
Sophos Antivirus for OS/2
Sophos Antivirus for OpenVMS
Sophos Antivirus for DOS/Windows 3.1x
Sophos Antivirus Small Business Edition for Windows
Sophos Antivirus Small Business Edition for Mac
PureMessage Small Business Edition 
PureMessage for Windows/Exchange
PureMessage for UNIX
MailMonitor for SMTP ? Windows
MailMonitor for Notes/Domino
MailMonitor for Exchange

The Sophos Antivirus Library is also OEM by over 25 other vendors with products that are affected by this vulnerability; see the following link for a list. There are also several vendors not listed that OEM the Sophos Antivirus Library. Refer to Sophos or your vendor for specifics.

http://www.sophos.com/partners/oem/

Credit
This vulnerability was discovered and researched by Alex Wheeler.

Contact
security@...0te.com 

Details
http://www.rem0te.com/public/images/sophos.pdf

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ