Advisory: Unexpected terminations of selected Sophos products by zero-byte MIME attachments
Issue
Sophos has identified an issue within selected Sophos products which incorporate the July update (4.31 virus data and 2.75 engine) which can cause unexpected terminations when scanning specific MIME attachments of zero-byte length.
A fix has been included in the latest virus identity file, no further action is required by customers.
Sophos products affected
Sophos Email Appliance
Pure Message for Unix
Sophos Anti-Virus Interface (SAVI)
Only Linux/Unix installations appear to have been affected.
Sophos Email Appliance and Pure Message for Unix were automatically rolled back to the 4.30 virus data/2.74 engine. No further action is required by customers with these products.
The SAVI issue is being fixed through the release of virus data and therefore no further action is required by customers.
The underlying issue within the virus detection engine itself will be fixed at the earliest opportunity and released during a standard monthly update.
MIME attachments of the type specified will be added to the Sophos test collection so that such an incident does not re-occur.
If you need more information or guidance, then please contact technical support.
- Article ID: 42245
- Created: 9 Jul 2008
- Last updated: 24 Oct 2008
