Sophos Anti-Virus Delivery Status Notification Handling Scanner Bypass Vulnerability
BID:9650
Info
Sophos Anti-Virus Delivery Status Notification Handling Scanner Bypass Vulnerability
| Bugtraq ID: | 9650 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 12 2004 12:00AM |
| Updated: | Feb 12 2004 12:00AM |
| Credit: | The vendor announced this vulnerability. |
| Vulnerable: |
Sophos Anti-Virus 3.78 Sophos Anti-Virus 3.4.6 |
| Not Vulnerable: |
Sophos Anti-Virus 3.78 d |
Discussion
Sophos Anti-Virus Delivery Status Notification Handling Scanner Bypass Vulnerability
Sophos Anti-Virus has been reported prone to a scanner bypass vulnerability. The issue presents itself when certain types of Delivery Status Notification (DSN) are encountered.
An attacker may exploit this condition, to bypass virus scans. This may result in a false sense of security and malicious code completely bypassing detection.
Sophos Anti-Virus has been reported prone to a scanner bypass vulnerability. The issue presents itself when certain types of Delivery Status Notification (DSN) are encountered.
An attacker may exploit this condition, to bypass virus scans. This may result in a false sense of security and malicious code completely bypassing detection.
Exploit / POC
Sophos Anti-Virus Delivery Status Notification Handling Scanner Bypass Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Sophos Anti-Virus Delivery Status Notification Handling Scanner Bypass Vulnerability
Solution:
The vendor has released updates to address this issue.
Sophos Anti-Virus 3.78
Solution:
The vendor has released updates to address this issue.
Sophos Anti-Virus 3.78
-
Sophos aix.tar.Z
AIX on PowerPC
http://www.sophos.com/misc/aix.tar.Z -
Sophos angz.exe
http://www.sophos.com/misc/angz.exe -
Sophos freebsd.elf.tar.Z
FreeBSD version 3+ on Intel (using ELF format)
http://www.sophos.com/misc/freebsd.elf.tar.Z -
Sophos hpux.tar.Z
HP-UX on HP-PA
http://www.sophos.com/misc/hpux.tar.Z -
Sophos linux.intel.libc6.glibc.2.2.tar.Z
Linux on Intel using libc6 (glibc 2.2)
http://www.sophos.com/misc/linux.intel.libc6.glibc.2.2.tar.Z -
Sophos linux.intel.libc6.tar.Z
Linux on Intel using libc6
http://www.sophos.com/misc/linux.intel.libc6.tar.Z -
Sophos solaris.sparc.tar.Z
Solaris on Sparc
http://www.sophos.com/misc/solaris.sparc.tar.Z
References
Sophos Anti-Virus Delivery Status Notification Handling Scanner Bypass Vulnerability
References:
References: