SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Security)  >   eTrust Antivirus Vendors:   CA
(Vendor Issues Fix for 6.0) eTrust Antivirus Can By Bypassed By Remote Users Sending Password-Protected Zip File Contents
SecurityTracker Alert ID:  1009518
SecurityTracker URL:  http://securitytracker.com/id/1009518
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Mar 22 2004
Impact:   Host/resource access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 6.0
Description:   A vulnerability was reported in eTrust Antivirus. The antivirus software may fail to detected infected files within zip files that contain a password-protected file.

The vendor reported that when eTrust Antivirus performs a scan on a zip file that contains a password protected file along with other files, eTrust Antivirus will scan the password-protected file but will not scan any additional files after that.

A remote user can send a specially crafted zip file containing a virus that will pass through the antivirus system without detection.
Impact:   A remote user can send a virus through the antivirus system without detection.
Solution:   The vendor has issued a fix:

NODE: ftp.ca.com
PATH: /CAproducts/unicenter/eTrust/AntiVirus/6.0/nt/qo51215
FILES: QO51215.C5D QO51215.CAZ

For installation instructions and additional download URLs, see the vendor's advisory:

http://support.ca.com/Download/patches/ilitnt/QO51215.html
Vendor URL:  support.ca.com/Download/patches/ilitnt/QO51215.html (Links to External Site)
Cause:   State error
Underlying OS:   Windows (Any)

Message History:   This archive entry is a follow-up to the message listed below.
Feb 16 2004 eTrust Antivirus Can By Bypassed By Remote Users Sending Password-Protected Zip File Contents


 Source Message Contents
Date:  Mon, 22 Mar 2004 16:42:22 -0500
Subject:  http://support.ca.com/Download/patches/ilitnt/QO51215.html


http://support.ca.com/Download/patches/ilitnt/QO51215.html

 > PRODUCT: eTrust Antivirus EE RELEASE: 6.0

 > APAR #: QO51215 DATE: 1 MAR 2004

 > PROBLEM DESCRIPTION: NT-CANNOT CONTINUE SCAN ZIP FILE WITH PASSWORD

Computer Associates reported that eTrust Antivirus version 6.0 is also affected.

The vendor has issued a fix:

NODE: ftp.ca.com
PATH: /CAproducts/unicenter/eTrust/AntiVirus/6.0/nt/qo51215
FILES: QO51215.C5D QO51215.CAZ

For installation instructions and additional download URLs, see the vendor's advisory:

http://support.ca.com/Download/patches/ilitnt/QO51215.html


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC