Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Exploits-HackingTools
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[NEWS] Computer Associates AntiVirus CHM File Handling DoS Vulnerability

from [SecuriTeam] Network Security [Permanent Link]
Subject: [NEWS] Computer Associates AntiVirus CHM File Handling DoS Vulnerability
Date: 25 Jul 2007 15:27:04 +0200 
The following security advisory is sent to the securiteam mailing list, and can 
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -



  Computer Associates AntiVirus CHM File Handling DoS Vulnerability
------------------------------------------------------------------------


SUMMARY

 <http://www3.ca.com/solutions/product.aspx?ID=156> eTrust is an antivirus 
application developed by Computer Associates. Remote exploitation of a 
denial of Service (DoS) vulnerability in Computer Associates Inc.'s eTrust 
Antivirus products could allow attackers to create a DoS condition on the 
affected computer.

DETAILS

Vulnerable Systems:
 * eTrust AntiVirus version r8.
 * (Previous versions of eTrust Antivirus are suspected vulnerable).
 * (Other Computer Associates products, as well as derived products, may 
also be vulnerable).

When eTrust Antivirus engine scans a malformed CHM file that has an 
invalid 'previous listing chunk number' field, the scanner will enter an 
infinite loop and be unable to process any other files.

This denial of service attack will prevent the scanner from scanning other 
files on disk while it is stuck on the exploit file. The hung process can 
be quit by the user and does not consume all system resources.

Vendor Status:
Computer Associates has addressed this vulnerability by releasing updates. 
These updates are available via the products' automatic update features.
More information is available within Computer Associates advisory at the 
following URL.
 
<http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp>
 http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp

CVE Information:
 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3875> 
CVE-2007-3875

Disclosure Timeline:
 * 01/16/2007 - Initial vendor notification
 * 01/17/2007 - Initial vendor response
 * 07/24/2007 - Coordinated public disclosure


ADDITIONAL INFORMATION

The information has been provided by iDefense.
The original article can be found at:
 
<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567> 
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: 
list-unsubscribe@securiteam.com 
In order to subscribe to the mailing list, simply forward this email to: 
list-subscribe@securiteam.com 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any 
kind. 
In no event shall we be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [NEWS] Computer Associates AntiVirus CHM File Handling DoS Vulnerability, SecuriTeam <=
Previous by Date:  [NT] Computer Associates eTrust Intrusion Detection CallCode ActiveX Control Code Execution Vulnerability, SecuriTeam
Next by Date:  [NT] BakBone NetVault Reporter Scheduler Heap Overflow Vulnerability, SecuriTeam
Previous by Thread:  [NT] Computer Associates eTrust Intrusion Detection CallCode ActiveX Control Code Execution Vulnerability, SecuriTeam
Next by Thread:  [NT] BakBone NetVault Reporter Scheduler Heap Overflow Vulnerability, SecuriTeam
Indexes:  [Date] [Thread] [Top] [All Lists]