Sophos RMS / TAO Component Denial of Service
- Published: 16 Jan 2009
- Type: Sophos RMS / TAO Component DoS Vulnerability
- Severity: Medium
Affected Products
Sophos Remote Management System / TAO Component
CVE
CVE-2009-0117
The Remote Management System (RMS) router component of Sophos Anti-Virus utilises TAO, which is a third party developed message request broker that contains a vulnerability. This RMS component is used by a service in installations of Sophos software. By constructing a specially crafted packet it is possible to cause the service to terminate. This attack could be performed without authenticating to the remote system.