Multiple.Vendor.Antivirus.RAR.File.DoS
Description
It indicates a possible exploit of a denial of service vulnerability in various Sophos Anti-Virus products.
This flaw is due to an infinite loop error when processing specially crafted RAR archives, which could be exploited to exhaust all available resources, creating a denial of service condition.
Affected Products
Sophos Anti-Virus + Application Control for Windows 2000/XP/2003 versions 6.x
Sophos Anti-Virus for Windows 2000/XP/2003 versions 6.x
Sophos Endpoint Security + Application Control 2000/XP/2003 versions 6.x
Sophos Endpoint Security versions 6.x
Sophos Anti-Virus for Linux (on-access) versions 5.x
Sophos Anti-Virus for AIX (PowerPC) versions 4.x
Sophos Anti-Virus for FreeBSD 6+ versions 4.x
Sophos Anti-Virus for FreeBSD 5.2+ versions 4.x
Sophos Anti-Virus for FreeBSD 3+ versions 4.x
Sophos Anti-Virus for FreeBSD 4.5+ versions 4.x
Sophos Anti-Virus for HP-UX (AMD64, glibc 2.3) versions 4.x
Sophos Anti-Virus for HP-UX (Itanium) versions 4.x
Sophos Anti-Virus for Linux (AMD64, glibc 2.3) versions 4.x
Sophos Anti-Virus for Linux (Intel, libc6) versions 4.x
Sophos Anti-Virus for Linux (Intel, libc6-glibc2.2) versions 4.x
Sophos Anti-Virus for Solaris (SPARC) versions 4.x
Sophos Anti-Virus for Solaris (Intel) versions 4.x
Sophos Anti-Virus for Tru64 UNIX (Alpha) versions 4.x
Sophos Anti-Virus for Windows 95/98/Me versions 4.x
Sophos Anti-Virus for Windows NT/2000/XP versions 4.x
Sophos Anti-Virus for NetWare versions 4.x
Sophos Anti-Virus for Windows NT versions 4.x
Sophos Anti-Virus for Macintosh versions 4.x
Sophos Anti-Virus for OS X versions 4.x
Impact
Denial of service.
Recommended Actions
Apply fixes :
http://www.sophos.com/support/updates
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 |