CVE-2006-5645

Sophos Anti-Virus and Endpoint Security < 6.0.5 - Denial of Service via Malformed RAR Archive

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5645. PoCs published by Damian Put.

AI-analyzed exploit summary This entry describes a Denial of Service (DoS) vulnerability affecting multiple antivirus vendors via a malformed RAR file. The provided link points to a binary exploit (2912.rar) but no actual code is included in the text.

Description

Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Damian Put · textdosmultiple

https://www.exploit-db.com/exploits/2912

View Code ZIP pw:eip

This entry describes a Denial of Service (DoS) vulnerability affecting multiple antivirus vendors via a malformed RAR file. The provided link points to a binary exploit (2912.rar) but no actual code is included in the text.

Classification

Writeup 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Theoretical

Target: Multiple Antivirus Vendors (e.g., Sophos, others)

No auth needed

Prerequisites: A malformed RAR file to trigger the vulnerability

MITRE ATT&CK