CVE-2004-0552

Sophos Small Business Suite 1.00 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0552. PoCs published by Kurt Seifried.

AI-analyzed exploit summary The exploit describes a vulnerability in Sophos Anti-Virus where files with reserved MS-DOS names (e.g., 'aux') can bypass virus scanning. The provided command demonstrates copying a file to such a name, evading detection.

Description

Sophos Small Business Suite 1.00 on Windows does not properly handle files whose names contain reserved MS-DOS device names such as (1) LPT1, (2) COM1, (3) AUX, (4) CON, or (5) PRN, which can allow malicious code to bypass detection when it is installed, copied, or executed.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Kurt Seifried · textremotewindows
https://www.exploit-db.com/exploits/24623

The exploit describes a vulnerability in Sophos Anti-Virus where files with reserved MS-DOS names (e.g., 'aux') can bypass virus scanning. The provided command demonstrates copying a file to such a name, evading detection.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: Sophos Anti-Virus (versions affected in 2004)
No auth needed
Prerequisites: Access to the target system to create or copy files with reserved names
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Various Sources third-party-advisory x_refsource_idefense
http://www.idefense.com/application/poi/display?id=143&type=vulnerabilities
Exploit, Patch, Vendor Advisory x_refsource_misc
http://www.seifried.org/security/advisories/kssa-005.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17468

Scores

EPSS 0.2387
EPSS Percentile 97.6%

Details

Status published
Products (1)
sophos/small_business_suite < 1.00
Published Nov 03, 2004
Tracked Since Feb 18, 2026