Sophos Antivirus Library Remote Heap Overflow ?
richard.siddall at ELIRION.NET
Tue Aug 30 14:53:36 IST 2005
Darrin Powell wrote:
> Thanks, Richard
> I need to pay closer attention to the list :)
There was an update on the BugTraq list
(mailto:bugtraq-subscribe at securityfocus.com) yesterday in response to
the message I quoted:
> You are partially correct. Prior to this advisory, Sophos & rem0te
> agreed to w/hold details until all fixes were available (August
> 26th). The Sophos link you provided below does not disclose any
> details of the vulnerability - only the patch - which leaves a lot of
> people guessing about the actual vulnerability details.
> It's also important to note there are many large 3rd party vendors
> that sublicense this library who should apply patches to their
> customer installations. It will be interesting to see how many of
> these 3rd parties issue advisories to their users.
So it sounds like you need a more recent update than the August 5th one.
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner