Intrusion PreventionMultiple.Vendor.Antivirus.RAR.File.DoS
Description
It indicates a possible exploit of a denial of service vulnerability in various Sophos Anti-Virus products.
This flaw is due to an infinite loop error when processing specially crafted RAR archives, which could be exploited to exhaust all available resources, creating a denial of service condition.
Affected Products
Sophos Anti-Virus + Application Control for Windows 2000/XP/2003 versions 6.x
Sophos Anti-Virus for Windows 2000/XP/2003 versions 6.x
Sophos Endpoint Security + Application Control 2000/XP/2003 versions 6.x
Sophos Endpoint Security versions 6.x
Sophos Anti-Virus for Linux (on-access) versions 5.x
Sophos Anti-Virus for AIX (PowerPC) versions 4.x
Sophos Anti-Virus for FreeBSD 6+ versions 4.x
Sophos Anti-Virus for FreeBSD 5.2+ versions 4.x
Sophos Anti-Virus for FreeBSD 3+ versions 4.x
Sophos Anti-Virus for FreeBSD 4.5+ versions 4.x
Sophos Anti-Virus for HP-UX (AMD64, glibc 2.3) versions 4.x
Sophos Anti-Virus for HP-UX (Itanium) versions 4.x
Sophos Anti-Virus for Linux (AMD64, glibc 2.3) versions 4.x
Sophos Anti-Virus for Linux (Intel, libc6) versions 4.x
Sophos Anti-Virus for Linux (Intel, libc6-glibc2.2) versions 4.x
Sophos Anti-Virus for Solaris (SPARC) versions 4.x
Sophos Anti-Virus for Solaris (Intel) versions 4.x
Sophos Anti-Virus for Tru64 UNIX (Alpha) versions 4.x
Sophos Anti-Virus for Windows 95/98/Me versions 4.x
Sophos Anti-Virus for Windows NT/2000/XP versions 4.x
Sophos Anti-Virus for NetWare versions 4.x
Sophos Anti-Virus for Windows NT versions 4.x
Sophos Anti-Virus for Macintosh versions 4.x
Sophos Anti-Virus for OS X versions 4.x
Impact
Denial of service.
Recommended Actions
Apply fixes :
http://www.sophos.com/support/updates
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-12-11 | 16.978 |
| ID | 14258 |
| Created | Mar 07, 2007 |
| Updated | Nov 08, 2021 |
| Risk |
|
| CVE ID | CVE-2006-5645 |
| Exploit Prediction Score | 18.57% |
| Default Action | pass |
| Active | |
| Affected OS | Windows, Linux |
| Affected App | Other |