Sophos Anti-Virus Engine < 3.50.1 System Objects DoS

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

An antivirus application on the remote Windows host is affected by a
denial of service vulnerability.

Description :

The Sophos Anti-Virus install on the remote host uses an engine version
earlier than 3.50.1. As such, it reportedly has a misconfigured Access
Control List (ACL) on certain system objects that could allow a local
attacker to cause the host to become sluggish and eventually crash, or
display false 'ready for update' message popups.

See also :

http://www.nessus.org/u?80e5b8f4
http://seclists.org/bugtraq/2014/Feb/1
http://www.nessus.org/u?47f14129

Solution :

Upgrade to Sophos Anti-Virus engine version 3.50.1 or later.

Risk factor :

Medium / CVSS Base Score : 4.9
(CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 3.8
(CVSS2#E:POC/RL:OF/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 72337 ()

Bugtraq ID: 65286

CVE ID: CVE-2014-1213