exploits , vulnerabilities , articles , Sophos Anti-Virus Reserved MS-DOS Name Scan Evasion Vulnerability

Title	Sophos Anti-Virus Reserved MS-DOS Name Scan Evasion Vulnerability
Published	2004-09-22-12:00AM
Updated	2004-09-27-03:03PM
Class	Design Error
CVE	CAN-2004-0552
Remote	Yes
Local	No
Credit	Kurt Seifried <kurt@seifried.org> is credited with this discovery.
Vulnerable	Sophos Small Business Suite 1.0 Sophos AntiVirus 3.80 Sophos AntiVirus 3.81 Sophos AntiVirus 3.82 Sophos AntiVirus 3.83 Sophos AntiVirus 3.84 Sophos AntiVirus 3.85 Sophos AntiVirus 3.85 Sophos AntiVirus 3.84 Sophos AntiVirus 3.83 Sophos AntiVirus 3.82 Sophos AntiVirus 3.81 Sophos AntiVirus 3.80 Sophos AntiVirus 3.79 Sophos AntiVirus 3.78 d Sophos AntiVirus 3.78
Not Vulnerable	Sophos Anti-Virus 3.86
Code	No exploit is required to leverage this issue. Reportedly it is possible to change the name of a file to an MS-DOS reserved device file name using the following command (in this example, AUX is the target device name): copy source \.C:aux
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-18 Adobe Flash Media Server Resource Exhaustion Remote Denial of Service Vulnerability
2009-12-18 Centreon Authentication Mechanism Security Bypass Vulnerability
2009-12-18 Family Connections Multiple Input Validation Vulnerabilities
2009-12-18 Drupal Contact and Menu Modules Multiple HTML Injection Vulnerabilities
2009-12-18 Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
2009-12-18 Mozilla Firefox CVE-2009-3982 JavaScript Engine Multiple Remote Memory Corruption Vulnerabilities
2009-12-17 Zen Cart Insecure File and Programs Information Disclosure and Database Deletion Vulnerability
2009-12-17 Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities
2009-12-17 Winamp JPEG and PNG Multiple Integer Overflow Vulnerabilities
2009-12-17 HP OpenView Storage Data Protector Stack Buffer Overflow Vulnerability

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Sat, 19 Dec 2009 00:53:50 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
STORIES htmltonuke mambo Remo 200 /compo t206t invision p news for c www.tjnami Crack Data news for C php-bb mambo Remo cpanel 11 Tagger LE image Airespace www.335098 mambo Remo Videosexir dx.218vip. php-bb mambo Remo 200 /compo askjolene Dotproject mandigo wow Patch wwwpink wo Free downl Southactre sexvidos www.17zyb. sexy clip news for C askjolene www.samira lo216l php-fusion ImagePorno Apache htt news for c foto galer news for c tjma Apache htt si yo fuer bruna ferr web deface source rou si yo fuer