Posted by Virus Bulletin on Dec 13, 2006
Fixes issued for archive handling problems.
Researchers working with Tipping Point's Zero Day Initiative (ZDI) program have released details of two vulnerabilities in the Sophos scanning engine. The flaws, in the handling of CPIO and SIT archive formats, could be exploited by maliciously crafted files to cause a buffer overflow and potentially breach system security.
The vulnerabilities are being announced after patches for the flaws have been released by Sophos. Users are advised to ensure their products are running the latest updates from Sophos (engine version 2.40).
Further information on the issues can be found at Sophos, here and here, and at the ZDI site, here and here. A joint alert from Secunia is here.
Secunia is also carrying an alert (here) on a vulnerability in ClamAV found during recent testing of gateway mail filters, reported in VB here.
Posted on 13 December 2006 by Virus Bulletin
