DoS vulnerability in Sophos antivirus products
July 11, 2008 – 5:53 AMAntivirus software vendor Sophos has reported the discovery of a DoS vulnerability in some of its products. According to the security advisory, specially crafted attachments to emails can bring down Sophos E-mail Appliance, Pure Message for UNIX and Sophos Anti-Virus Interface (SAVI). For the attack to succeed, the MIME attachment has to have a length of zero. Sophos says that only Linux/UNIX installations are affected.
Apparently, the flaw only turned up after the recent July update – signature version 4.31 and engine 2.75. The flaw has already been updated in SAVI with new virus signatures. Sophos has reactivated the old updates – 4.30 and 2.7 – for Appliance and Pure Message, respectively, and is now working to fix the underlying flaw in the engine. The vendor will then release a new update.
Source:
http://www.heise-online.co.uk/news/DoS-vulnerability-in-Sophos-antivirus-products–/111086