Denial of Service Vulnerability in Sophos Email Appliance and Anti-Virus
CVE-2008-3177

Currently unrated

Key Information:

Vendor

Sophos
Status
Es1000
Es4000
Sophos Anti-virus
Sophos Puremessage Anti-virus
Vendor
CVE Published:
15 July 2008

What is CVE-2008-3177?

The Sophos virus detection engine version 2.75, utilized in several Sophos products such as the Sophos Email Appliance, Pure Message for Unix, and Sophos Anti-Virus Interface (SAVI), is susceptible to a denial of service attack. This vulnerability arises when an attacker sends a specially crafted email containing zero-length MIME attachments, which can lead the engine to crash. Exploiting this flaw can disrupt service and compromise the functionality of affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id?1020462
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/30110
vdb-entryx_refsource_BID
http://www.vupen.com/english/advisories/2008/2053/references
vdb-entryx_refsource_VUPEN

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.