Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Exploits-HackingTools
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[NT] eTrust Antivirus, Anti-Spyware and Integrated Threat Management For

from [SecuriTeam] Network Security [Permanent Link]
Subject: [NT] eTrust Antivirus, Anti-Spyware and Integrated Threat Management Format String
Date: 2 Jul 2006 17:06:19 +0200 
The following security advisory is sent to the securiteam mailing list, and can 
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -



  eTrust Antivirus, Anti-Spyware and Integrated Threat Management Format 
String
------------------------------------------------------------------------


SUMMARY

" <http://www3.ca.com/solutions/Product.aspx?ID=156> eTrust Antivirus 
helps manage your virus challenges by providing a single, comprehensive 
virus management solution that eliminates virus infections, eases 
administration, simplifies and automates the updating process, and more."

" <http://www.pestpatrol.com/> eTrust PestPatrol Anti-Spyware is a spyware 
removal tool."

"The  <http://www3.ca.com/Solutions/Product.aspx?ID=5704> CA Integrated 
Threat Management r8 solution combines best-of-breed eTrust PestPatrol 
Anti-Spyware Corporate Edition with eTrust  Antivirus with a single 
management console and increases efficiency through a common agent, 
logging facility and updating tools."

Improper handling of user input allows attackers to execute arbitrary code 
in CA products: eTrust Antivirus, eTrust PestPatrol and  Integrated Threat 
Management.

DETAILS

Vulnerable Systems:
 * eTrust Antivirus version 8.0
 * eTrust PestPatrol version 8.0
 * Integrated Threat Management version 8.0

A format string vulnerability was discovered within eTrust Antivirus, 
eTrust PestPatrol and Integrated Threat Management. The vulnerability is 
due to improper processing of format strings within the scan job 
description field. An attacker could create a scan job containing special 
crafted format strings that could potential lead to execution of arbitrary 
code, rights escalation and at a minimum denial of service.

Vendor Status:
This vulnerability is addressed by vendor in Content Update build 432.
Client GUI Vulnerability Content Update - build 432  
<http://supportconnectw.ca.com/public/eitm/infodocs/etrustitmvuln-contentupdate.asp>
 
http://supportconnectw.ca.com/public/eitm/infodocs/etrustitmvuln-contentupdate.asp

CVE Information:
 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3223> 
CVE-2006-3223

Disclosure Timeline:
05/04/2006   Reported Vulnerability to Vendor.
06/27/2006   Vulnerability fixed & public disclosure.


ADDITIONAL INFORMATION

The information has been provided by  <mailto:dh@layereddefense.com> Deral 
Heiland.
The original article can be found at:  
<http://www.layereddefense.com/ADVISORIES.html> 
http://www.layereddefense.com/ADVISORIES.html
The vendor advisory can be found at:  
<http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34325> 
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34325



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: 
list-unsubscribe@securiteam.com 
In order to subscribe to the mailing list, simply forward this email to: 
list-subscribe@securiteam.com 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any 
kind. 
In no event shall we be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [NT] eTrust Antivirus, Anti-Spyware and Integrated Threat Management Format String, SecuriTeam <=
Previous by Date:  [NT] ASP Stats Generator Multiple Vulnerabilities (SQL Injection, Code Execution), SecuriTeam
Next by Date:  [NEWS] PrivateWire Online Registration Facility Buffer Overflow, SecuriTeam
Previous by Thread:  [NT] ASP Stats Generator Multiple Vulnerabilities (SQL Injection, Code Execution), SecuriTeam
Next by Thread:  [NEWS] PrivateWire Online Registration Facility Buffer Overflow, SecuriTeam
Indexes:  [Date] [Thread] [Top] [All Lists]