Vulnerability Name:

CVE-2007-4577 (CCN-36240)

Assigned:2007-08-08
Published:2007-08-08
Updated:2018-10-15
Summary:Sophos Anti-Virus for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (infinite loop) via a malformed BZip file that results in the creation of multiple Engine temporary files (aka a "BZip bomb").
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-noinfo
CWE-399
Vulnerability Consequences:Denial of Service
References:Source: CCN
Type: BugTraq Mailing List, Fri Aug 24 2007 - 14:14:41 CDT
n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory

Source: MITRE
Type: CNA
CVE-2007-4577

Source: CCN
Type: SA26580
Sophos Anti-Virus UPX and BZIP Processing Vulnerabilities

Source: SECUNIA
Type: Patch, Vendor Advisory
26580

Source: SREASON
Type: UNKNOWN
3073

Source: CCN
Type: SECTRACK ID: 1018608
Sophos Anti-Virus UPX Processing Bug May Let Remote Users Execute Arbitrary Code and GZip Bug Lets Remote Users Deny Service

Source: SECTRACK
Type: UNKNOWN
1018608

Source: MISC
Type: UNKNOWN
http://www.nruns.com/security_advisory_sophos_gzip_infinite_loop_dos.php

Source: CCN
Type: OSVDB ID: 37987
Sophos Anti-Virus for Unix/Linux Malformed BZip Archive DoS

Source: BUGTRAQ
Type: UNKNOWN
20070824 n.runs-SA-2007.026 - Sophos Antivirus BZip parsing Infinite Loop Advisory

Source: BID
Type: UNKNOWN
25428

Source: CCN
Type: BID-25428
Sophos Anti-Virus UPX and BZIP Multiple Remote Vulnerabilities

Source: CCN
Type: Sophos Web site
Sophos Anti-Virus vulnerabilities reported by n.runs (UPX, Bzip)

Source: CONFIRM
Type: UNKNOWN
http://www.sophos.com/support/knowledgebase/article/28407.html

Source: VUPEN
Type: UNKNOWN
ADV-2007-2972

Source: XF
Type: UNKNOWN
sophos-bzip-dos(36240)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:sophos:anti-virus:3.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.78:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.78d:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.79:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.80:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.81:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.82:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.83:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.84:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.85:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.86:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.90:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.91:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.95:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:3.96.0:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:4.03:*:linux:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:4.04:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:4.05:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:4.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:4.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:4.5.11:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:4.5.12:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:4.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:4.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:5.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:5.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:5.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:5.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:5.0.9:*:linux:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:5.1:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:5.2:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:5.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:anti-virus:6.5:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:scanning_engine:2.30.4:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:scanning_engine:2.40.2:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:small_business_suite:4.04:*:*:*:*:*:*:*
  • OR cpe:/a:sophos:small_business_suite:4.05:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    sophos anti-virus 3.4.6
    sophos anti-virus 3.78
    sophos anti-virus 3.78d
    sophos anti-virus 3.79
    sophos anti-virus 3.80
    sophos anti-virus 3.81
    sophos anti-virus 3.82
    sophos anti-virus 3.83
    sophos anti-virus 3.84
    sophos anti-virus 3.85
    sophos anti-virus 3.86
    sophos anti-virus 3.90
    sophos anti-virus 3.91
    sophos anti-virus 3.95
    sophos anti-virus 3.96.0
    sophos anti-virus 4.03
    sophos anti-virus 4.04
    sophos anti-virus 4.05
    sophos anti-virus 4.5.3
    sophos anti-virus 4.5.4
    sophos anti-virus 4.5.11
    sophos anti-virus 4.5.12
    sophos anti-virus 4.7.1
    sophos anti-virus 4.7.2
    sophos anti-virus 5.0.1
    sophos anti-virus 5.0.2
    sophos anti-virus 5.0.4
    sophos anti-virus 5.0.9
    sophos anti-virus 5.0.9
    sophos anti-virus 5.1
    sophos anti-virus 5.2
    sophos anti-virus 5.2.1
    sophos anti-virus 6.5
    sophos scanning engine 2.30.4
    sophos scanning engine 2.40.2
    sophos small business suite 4.04
    sophos small business suite 4.05