---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Sophos Anti-Virus ZIP Archive Denial of Service Vulnerability SECUNIA ADVISORY ID: SA16082 VERIFY ADVISORY: http://secunia.com/advisories/16082/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote SOFTWARE: Sophos MailMonitor 2.x http://secunia.com/product/165/ Sophos Anti-Virus 5.x http://secunia.com/product/5390/ Sophos Anti-Virus 4.x http://secunia.com/product/5391/ Sophos Anti-Virus 3.x http://secunia.com/product/164/ Sophos PureMessage 4.x http://secunia.com/product/3876/ DESCRIPTION: A vulnerability has been reported in Sophos Anti-Virus, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to missing validation checks on the "Extra field length" value when scanning a ZIP archive compressed using the BZIP2 algorithm. This can be exploited to cause an infinite loop that consumes large amount of CPU resources via a malicious ZIP file with an extra field length value of "0xFFFF". Successful exploitation prevents further scanning, but requires the non-default "Scan inside archive files" setting to be enabled. The vulnerability has been reported in versions 3.91, 3.90, and 5.0.1. Other versions may also be affected. SOLUTION: Update to latest versions using automatic update. The problem has reportedly been fixed in the following versions: * Version 3.95.0 of Sophos Anti-Virus (all platforms) * Version 5.0.4 of Sophos Anti-Virus (Windows 2000/XP/2003) * Version 4.5.3 of Sophos Anti-Virus (Windows NT and Windows 95/98/Me) * Latest updated versions of PureMessage for UNIX, Windows/Exchange and MailMonitor. PROVIDED AND/OR DISCOVERED BY: Discovered by anonymous person and reported via iDEFENSE. ORIGINAL ADVISORY: iDEFENSE: http://www.idefense.com/application/poi/display?id=283&type=vulnerabilities ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------