
Vulnerability Detail

CA Integrated Threat Management, eTrust Antivirus, and eTrust PestPatrol format string vulnerability

Date Discovered:
26 Jun 2006

Date Published:
27 Jun 2006

Last Updated:
27 Jun 2006

Threat Assessment

Overall Risk: Medium
Popularity: Medium
Impact: High
Simplicity: Low

Characteristics

Vulnerability ID:  34325
Discovered By:  Deral Heiland

Exploitable Locally:  Yes
Exploitable Remotely:  Yes

Impact:  Attackers can cause a denial of service condition or possibly execute arbitrary code.

Root Cause:  Software Vulnerability

 

Description

CA Integrated Threat Management, eTrust Antivirus, and eTrust PestPatrol contain a vulnerability that can allow attackers to cause a denial of service condition or possibly execute arbitrary code. The vulnerability is due to improper processing of format strings in the description field of a scan job. An attacker who can create a scan job containing format string directives can potentially overwrite memory to cause a crash or possibly execute arbitrary code.
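The following C sketch is an added illustration of this bug class from the defender's side; it is not code from the affected products or from the vendor. It renders a scan job's description as data rather than as a format string and flags descriptions that carry format directives. The `scan_job` structure, the function names and the sample jobs are assumptions constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical record: the products' real scan-job layout is not on the page. */
struct scan_job {
    const char *name;
    const char *description;   /* user-controlled free text */
};

/* Returns 1 if the text holds a '%' that is not part of a literal "%%"
   (a lone trailing '%' is flagged too), 0 otherwise. Useful for audit logs. */
int has_format_directive(const char *s)
{
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }   /* skip the escaped pair */
        return 1;
    }
    return 0;
}

/* Hardened rendering: the description is an argument to a fixed format.
   The pattern to avoid is passing job->description itself as the format.
   Returns 0 on success, -1 on truncation or encoding error. */
int render_job(char *out, size_t outsz, const struct scan_job *job)
{
    int n = snprintf(out, outsz, "job=%s desc=%s", job->name, job->description);
    return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample input, not taken from the advisory. */
    struct scan_job jobs[] = {
        { "nightly", "Full scan of the system drive" },
        { "odd",     "scan %x %x %s" },
        { "pct",     "100%% coverage" },
    };
    char line[128];
    for (size_t i = 0; i < sizeof jobs / sizeof jobs[0]; i++) {
        if (render_job(line, sizeof line, &jobs[i]) == 0)
            printf("%s%s\n", line, has_format_directive(jobs[i].description)
                                       ? "  [flag: format directive]" : "");
    }
    return 0;
}
```

With a fixed format, the directives in the second job are printed verbatim instead of being interpreted, and the flag gives operators something to search for in job listings.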


Recommendations



-------------------------------------------------------------------------------
For: CA eTrust Antivirus 8.0, CA eTrust PestPatrol 8.0, CA Integrated Threat Management 8.0

Apply the Content Update 432 from the vendor.



Vendor reference:

http://supportconnectw.ca.com/public/eitm/infodocs/etrustitmvuln-contentupdate.asp


Affected Technologies

Computer Associates: CA eTrust Antivirus 8.0
Computer Associates: CA eTrust PestPatrol 8.0
Computer Associates: CA Integrated Threat Management 8.0


References

Computer Associates: etrustitmvuln
Mitre CVE: CVE-2006-3223


CA Global Security Advisor
