Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-disclosure] n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop

from [security] Network Security [Permanent Link]
Subject: [Full-disclosure] n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory
Date: Wed, 25 Jul 2007 15:07:41 +0200 
n.runs AG                                          
http://www.nruns.com/                                  security(at)nruns.com
n.runs-SA-2007.024                                           25-Jul-2007
________________________________________________________________________

Vendor:                 Computer Associates, http://www.ca.com
Affected Products:      CA eTrust Antivirus,
http://www3.ca.com/solutions/product.aspx?ID=156
Vulnerability:          Infinite Loop DoS (remote) 
Risk:                           HIGH

________________________________________________________________________

Vendor communication:

  2007/05/09            Initial notification to CA 
  2007/05/11            CA Responses
  2007/05/11            PGP keys exchange
  2007/05/11            PoC files sent to CA
  2007/05/15            CA ask for product and version used in the test
  2007/05/15            Information requested sent to CA
  2007/05/18            CA validates the vulnerabilities
  2007/07/24            CA releases the Security Notice to the public
  2007/07/25            n.runs AG releases a coordinated disclosure advisory
________________________________________________________________________

Overview:
 
Founded in 1976, CA today is a global company with headquarters in the
United States and 150 offices in more than 45 countries. They serve more
than 99% of Fortune 1000R companies, as well as government entities,
educational institutions and thousands of other companies in diverse
industries worldwide.
eTrust is an Antivirus developed by Computer Associates.
Combined with CA Anti-Spyware for the Enterprise, CA Anti-Virus for the
Enterprise provides efficient, centrally-managed, multi-layered protection
against a broad range of malware threats.

Description:

A remotely exploitable vulnerability has been found in the file parsing
engine.

In detail, the following flaw was determined:

- Infinite Loop in .CHM files parsing

Impact:

This problem can lead to remote engine denial-of-service if an attacker
carefully crafts a file that exploits the aforementioned vulnerability. The
vulnerability is present in CA eTrust Antivirus software previous to file
arclib.dll version 7.3.0.9.

Solution:

The vulnerability was reported on 09.May.2007 and an update has been issued
to solve this vulnerability through the regular update mechanism.
NOTE: Not all products are automatically updated; please refer to the
following link to validate:
http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.
asp
________________________________________________________________________

Credit: 
Bugs found by Sergio Alvarez of n.runs AG. 
________________________________________________________________________

References: 
http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064895.html
http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.
asp

This Advisory and Upcoming Advisories:
http://www.nruns.com/security_advisory.php
http://www.nruns.com/parsing-engines-advisories.php
________________________________________________________________________

Unaltered electronic reproduction of this advisory is permitted. For all
other reproduction or publication, in printing or otherwise, contact
security@nruns.com for permission. Use of the advisory constitutes
acceptance for use in an "as is" condition. All warranties are excluded. In
no event shall n.runs be liable for any damages whatsoever including direct,
indirect, incidental, consequential, loss of business profits or special
damages, even if n.runs has been advised of the possibility of such damages.


Copyright 2007 n.runs AG. All rights reserved. Terms of apply.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-disclosure] n.runs-SA-2007.024 - CA eTrust Antivirus Infinite Loop DoS (remote) Advisory, security <=
Previous by Date:  [Full-disclosure] [ GLSA 200707-08 ] NVClock: Insecure file usage, Raphael Marichez
Next by Date:  [Full-disclosure] [SecNiche Security] WAZ (v 1.0) : Windows Anti Zomb Killer Released, Aditya K Sood
Previous by Thread:  [Full-disclosure] [ GLSA 200707-08 ] NVClock: Insecure file usage, Raphael Marichez
Next by Thread:  [Full-disclosure] [SecNiche Security] WAZ (v 1.0) : Windows Anti Zomb Killer Released, Aditya K Sood
Indexes:  [Date] [Thread] [Top] [All Lists]