Vulnerabilities > CVE-2008-3177 - Configuration vulnerability in Sophos products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Sophos virus detection engine 2.75 on Linux and Unix, as used in Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), allows remote attackers to cause a denial of service (engine crash) via zero-length MIME attachments.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 2 | |
Application | 4 |
Common Weakness Enumeration (CWE)
References
- http://secunia.com/advisories/31037
- http://www.securityfocus.com/bid/30110
- http://www.securitytracker.com/id?1020462
- http://www.sophos.com/support/knowledgebase/article/42245.html?_log_from=rss
- http://www.vupen.com/english/advisories/2008/2053/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43703