[<prev] [next>] [day] [month] [year] [list]
Message-ID: <649CDCB56C88AA458EFF2CBF494B6204FD1066@USILMS12.ca.com>
Date: Tue, 27 Jun 2006 15:17:36 -0400
From: "Williams, James K" <James.Williams@...com>
To: <bugtraq@...urityfocus.com>
Subject: CAID 34325 - CA ITM, eAV, ePP scan job description field format string vulnerability
Title: CAID 34325 - CA ITM, eAV, ePP scan job description field format
string vulnerability
CA Vulnerability ID: 34325
CA Advisory Date: 2006-06-26
Discovered By: Deral Heiland (www.layereddefense.com)
Impact: Attackers can cause a denial of service condition or possibly
execute arbitrary code.
Summary: CA Integrated Threat Management, eTrust Antivirus, and eTrust
PestPatrol contain a vulnerability that can allow attackers to cause a
denial of service condition or possibly execute arbitrary code. The
vulnerability is due to improper processing of format strings in the
description field of a scan job. An attacker, who can create a scan job
containing format string directives, can potentially overwrite memory
to cause a crash or execute arbitrary code.
Mitigating Factors: None
Severity: CA has given this vulnerability a Medium risk rating.
Affected Products:
CA Integrated Threat Management r8
eTrust Antivirus r8
eTrust PestPatrol Anti-spyware Corporate Edition r8
Status and Recommendation: This vulnerability is addressed in Content
Update build 432. Use the content update mechanism to install this
update.
References: (URLs may wrap)
CA SupportConnect:
http://supportconnect.ca.com/
Client GUI Vulnerability Content Update - build 432
http://supportconnectw.ca.com/public/eitm/infodocs/etrustitmvuln-content
update.asp
CAID: 34325
CAID Advisory link:
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34325
CVE Reference:
CVE-2006-3223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3223
OSVDB Reference:
OSVDB-26654 http://osvdb.org/26654
Changelog for this advisory:
v1.0 - Initial Release
Customers who require additional information should contact CA
Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory,
please send email to vuln@...com, or contact me directly.
If you discover a vulnerability in CA products, please report
your findings to vuln@...com, or utilize our "Submit a
Vulnerability" form.
URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx
Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research
CA, One Computer Associates Plaza. Islandia, NY 11749
Contact http://www3.ca.com/contact/
Legal Notice http://www3.ca.com/legal/
Privacy Policy http://www3.ca.com/privacy/
Copyright (c) 2006 CA. All rights reserved.
Powered by blists - more mailing lists