Sophos Anti-Virus Engine < 3.50.1 System Objects DoS
Medium Nessus Plugin ID 72337
SynopsisAn antivirus application on the remote Windows host is affected by a denial of service vulnerability.
DescriptionThe Sophos Anti-Virus install on the remote host uses an engine version earlier than 3.50.1. As such, it reportedly has a misconfigured Access Control List (ACL) on certain system objects that could allow a local attacker to cause the host to become sluggish and eventually crash, or display false 'ready for update' message popups.
SolutionUpgrade to Sophos Anti-Virus engine version 3.50.1 or later.