SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
SecurityTracker
Archives
Category:   Application (Security)  >   eTrust Antivirus
Vendors:   CA
CA eTrust Antivirus Format String Bug in Scan Job Description Field Lets Local Users Execute Arbitrary Code
SecurityTracker Alert ID:  1016391
SecurityTracker URL:  http://securitytracker.com/id/1016391
CVE Reference:   CVE-2006-3223
Updated:  Jun 29 2006
Original Entry Date:  Jun 27 2006
Impact:   Execution of arbitrary code via local system, User access via local system
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): r8
Description:   A vulnerability was reported in Computer Associates eTrust Antivirus. A local user may be able to execute arbitrary code on the target system.

The description field of a scan job is not properly validated. A user who can create a scan job can supply a specially crafted description containing format string specifiers. When the job is later processed and that description is used as a format string, the process may crash or execute arbitrary code.

CA Integrated Threat Management and eTrust PestPatrol are also affected.

The vendor was notified on May 4, 2006.

Deral Heiland of LayeredDefense.com discovered this vulnerability.

Impact:   A local user may be able to execute arbitrary code on the target system.
Solution:   The vendor has issued a fix as part of Content Update build 432.
Vendor URL:  www.ca.com/
Cause:   Input validation error, State error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  [Full-disclosure] CAID 34325 - CA ITM, eAV,


Title: CAID 34325 - CA ITM, eAV, ePP scan job description field format 
string vulnerability

CA Vulnerability ID: 34325

CA Advisory Date: 2006-06-26

Discovered By: Deral Heiland (www.layereddefense.com)


Impact: Attackers can cause a denial of service condition or possibly 
execute arbitrary code.


Summary: CA Integrated Threat Management, eTrust Antivirus, and eTrust 
PestPatrol contain a vulnerability that can allow attackers to cause a 
denial of service condition or possibly execute arbitrary code. The 
vulnerability is due to improper processing of format strings in the 
description field of a scan job. An attacker, who can create a scan job 
containing format string directives, can potentially overwrite memory 
to cause a crash or execute arbitrary code.


Mitigating Factors: None


Severity: CA has given this vulnerability a Medium risk rating.


Affected Products: 
CA Integrated Threat Management r8
eTrust Antivirus r8
eTrust PestPatrol Anti-spyware Corporate Edition r8


Status and Recommendation: This vulnerability is addressed in Content 
Update build 432. Use the content update mechanism to install this 
update.


References: (URLs may wrap)

CA SupportConnect:
http://supportconnect.ca.com/

Client GUI Vulnerability Content Update - build 432
http://supportconnectw.ca.com/public/eitm/infodocs/etrustitmvuln-content
update.asp

CAID: 34325
CAID Advisory link: 
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34325

CVE Reference: 
CVE-2006-3223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3223

OSVDB Reference: 
OSVDB-26654 http://osvdb.org/26654


Changelog for this advisory:
v1.0 - Initial Release


Customers who require additional information should contact CA 
Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory,
please send email to vuln@ca.com, or contact me directly.

If you discover a vulnerability in CA products, please report
your findings to vuln@ca.com, or utilize our "Submit a 
Vulnerability" form.
URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx


Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research


CA, One Computer Associates Plaza. Islandia, NY 11749
	
Contact http://www3.ca.com/contact/
Legal Notice http://www3.ca.com/legal/
Privacy Policy http://www3.ca.com/privacy/
Copyright (c) 2006 CA. All rights reserved.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
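The flaw described in the alert above and in CA's summary (a scan job description reaching a printf-family function as the format string) is the classic format-string bug, and the advisory's cause line, "Input validation error", points at the fix. The C program below is an added example, not code from CA, eTrust, or the advisory; the function names, the DESC_MAX bound and the log-line layout are assumptions made for illustration. It shows the one-line difference between the vulnerable pattern (the description passed as the format) and the safe pattern (the description passed as an argument to a fixed `"%s"` format), plus a creation-time validator that rejects descriptions containing conversion specifications so a hostile field never reaches job processing at all.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Added example, not CA's code. DESC_MAX, the function names and the
   log-line layout are assumptions made for illustration. */
#define DESC_MAX 128

/* Return the index of the first '%' that starts a conversion specification,
   or -1 if the string contains none. "%%" is a literal percent sign and is
   allowed, so "50%% done" passes while "job %n" does not. */
int find_format_directive(const char *desc)
{
    for (size_t i = 0; desc[i] != '\0'; i++) {
        if (desc[i] != '%')
            continue;
        if (desc[i + 1] == '%') {   /* escaped percent: skip both characters */
            i++;
            continue;
        }
        return (int)i;
    }
    return -1;
}

/* Creation-time validation for the description field: non-empty, bounded,
   printable ASCII only, and free of conversion specifications. Rejecting
   directives here is defence in depth; the real fix is never to use the
   field as a format string at all (see format_job_log_line). */
bool scan_job_description_ok(const char *desc)
{
    size_t n = strlen(desc);
    if (n == 0 || n > DESC_MAX)
        return false;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)desc[i];
        if (c < 0x20 || c > 0x7e)   /* control bytes and non-ASCII rejected */
            return false;
    }
    return find_format_directive(desc) < 0;
}

/* Build the log line written when a job is processed. The description is
   passed as an ARGUMENT to a fixed format, so "%n" or "%x" inside it are
   copied literally. The vulnerable form differs by one line:
       snprintf(out, outsz, desc);          // user data IS the format: bug
   With that form every directive in desc reads (or, for %n, writes) memory
   the caller never supplied. Returns the length snprintf reports. */
int format_job_log_line(char *out, size_t outsz, const char *job_id, const char *desc)
{
    return snprintf(out, outsz, "scan job %s: %s", job_id, desc);
}

int main(void)
{
    /* Constructed sample descriptions; the second mimics a hostile field. */
    const char *samples[] = { "nightly full scan", "job %n %x %s", "50%% done" };
    char line[256];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        bool ok = scan_job_description_ok(samples[i]);
        format_job_log_line(line, sizeof line, "42", samples[i]);
        printf("%-20s validator=%s  logged as: %s\n",
               samples[i], ok ? "accept" : "reject", line);
    }
    return 0;
}
```

Compiling with `-Wformat -Wformat-security` (and `-Werror=format-security` in CI) makes the vulnerable one-liner a build failure, which is the cheapest detection for this bug class in a C code base.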

Copyright 2018, SecurityGlobal.net LLC