|
 |
|
CA Products CHM and RAR File Processing Denial of Service Vulnerabilities
|
|
|
|
|
Secunia Advisory:
|
SA26155
|
|
|
Release Date:
|
2007-07-25
|
|
Last Update:
|
2007-07-26
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
DoS
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | BrightStor ARCserve Backup 11.x
BrightStor ARCserve Backup 11.x (for Microsoft SQL Server)
BrightStor ARCserve Backup 11.x (for Open Files)
BrightStor ARCserve Backup 11.x (for Oracle)
BrightStor ARCserve Backup 11.x (for Windows)
BrightStor ARCserve Backup 9.x
BrightStor ARCserve Backup Client Agent 11.x
BrightStor Enterprise Backup 10.x
CA Anti-Spyware 2007
CA Anti-Spyware 8.x
CA Anti-Virus 2007 (8.x)
CA Anti-Virus for the Enterprise 8.x
CA Anti-Virus Gateway 7.x
CA Anti-Virus SDK
CA Common Services (CCS) 11.x
CA Internet Security Suite 2007 (3.x)
CA Protection Suites 2.x
CA Protection Suites 3.x
CA Threat Manager 8.x
CA Unicenter Network and Systems Management (NSM) 11.x
CA Unicenter Network and Systems Management (NSM) 3.x
eTrust Antivirus 6.x
eTrust Antivirus 7.x
eTrust EZ Armor 1.x
eTrust EZ Armor 2.x
eTrust EZ Armor 3.x
eTrust Internet Security Suite 1.x
eTrust Internet Security Suite 2.x
eTrust Intrusion Detection 2.x
eTrust Intrusion Detection 3.x
eTrust Secure Content Manager (SCM)
|
| | CVE reference: | CVE-2006-5645 (Secunia mirror)
CVE-2007-3875 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
Two vulnerabilities have been reported in various CA products, which can be exploited by malicious people to cause a DoS (Denial of Service).
1) An input validation error when processing CHM files can be exploited to cause an infinite loop via a specially crafted CHM file with an invalid 'previous listing chunk number' field.
2) An unspecified error when processing RAR archives can be exploited to cause the application to hang when e.g. scanning a specially crafted RAR archive.
The vulnerabilities affect the following products:
* CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.0, 7.1, r8, r8.1
* CA Anti-Virus 2007 (v8)
* eTrust EZ Antivirus r7, r6.1
* CA Internet Security Suite 2007 (v3)
* eTrust Internet Security Suite r1, r2
* eTrust EZ Armor r1, r2, r3.x
* CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8
* CA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus Gateway) 7.1
* CA Protection Suites r2, r3
* CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1, 8.0
* CA Anti-Spyware for the Enterprise (Formerly eTrust PestPatrol) r8, 8.1
* CA Anti-Spyware 2007
* Unicenter Network and Systems Management (NSM) r3.0
* Unicenter Network and Systems Management (NSM) r3.1
* Unicenter Network and Systems Management (NSM) r11
* Unicenter Network and Systems Management (NSM) r11.1
* BrightStor ARCserve Backup r11.5
* BrightStor ARCserve Backup r11.1
* BrightStor ARCserve Backup r11 for Windows
* BrightStor Enterprise Backup r10.5
* BrightStor ARCserve Backup v9.01
* BrightStor ARCserve Client agent for Windows
* eTrust Intrusion Detection 2.0 SP1, 3.0, 3.0 SP1
* CA Common Services (CCS) r11
* CA Common Services (CCS) r11.1
* CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.
Solution:
Apply updates.
CA Secure Content Manager 1.1:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89469
CA Secure Content Manager 8.0:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO87114
Unicenter Network and Systems Management (NSM) r3.0:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89141
Unicenter Network and Systems Management (NSM) r3.1:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89139
Unicenter Network and Systems Management (NSM) r11:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89140
Unicenter Network and Systems Management (NSM) r11.1:
http://supportconnect.ca.com/sc/redir...mp;searchID=QO89138&startsearch=1
CA Common Services (CCS) r11:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89140
CA Common Services (CCS) r11.1:
http://supportconnect.ca.com/sc/redir...mp;searchID=QO89138&startsearch=1
CA Anti-Virus Gateway 7.1:
http://supportconnect.ca.com/sc/redir...mp;searchID=QO89381&startsearch=1
eTrust Intrusion Detection 2.0 sp1:
http://supportconnect.ca.com/sc/redir...mp;searchID=QO89474&startsearch=1
eTrust Intrusion Detection 3.0:
http://supportconnect.ca.com/sc/redir...mp;searchID=QO86925&startsearch=1
eTrust Intrusion Detection 3.0 sp1:
http://supportconnect.ca.com/sc/redir...mp;searchID=QO86923&startsearch=1
CA Protection Suites r2:
Apply updates for CA Anti-Virus 7.1.
BrightStor ARCserve Backup and BrightStor ARCserve Client agent for Windows:
Replace the arclib.dll file with the one provided in the CA Anti-Virus 7.1 fix set. Please see the vendor's advisory for details.
CA Anti-Virus 7.1 (Solaris):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86831
CA Anti-Virus 7.1 (Netware):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86832
CA Anti-Virus 7.1 (MacPPC):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86833
CA Anti-Virus 7.1 (MacIntel):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86834
CA Anti-Virus 7.1 (Linux390):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86835
CA Anti-Virus 7.1 (Linux):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86836
CA Anti-Virus 7.1 (HP-UX):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86837
CA Anti-Virus 7.1 (Windows NT 32 bit):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86843
CA Anti-Virus 7.1 (Windows NT AMD64):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86846
CA Threat Manager for the Enterprise r8.1 (Linux):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86839
CA Threat Manager for the Enterprise r8.1 (Mac):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86828
CA Threat Manager for the Enterprise r8.1 (Solaris):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86829
Provided and/or discovered by:
1) Independently discovered by:
* Sergio Alvarez, n.runs AG
* An anonymous person and reported via iDefense Labs.
2) The vendor credits Titon of BastardLabs and Damian Put, reported via iDefense Labs.
Changelog:
2007-07-26: Updated "Credits" section and added additional link to n.runs AG advisory.
Original Advisory:
CA:
http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp
iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567
n.runs AG:
http://www.nruns.com/security_advisory_ca_etrust_chm_infinite_loop_dos.php
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
42 Related Secunia Security Advisories, displaying 10
|
|
|
1. CA Secure Content Manager Multiple Vulnerabilities
|
|
2. CA ARCserve Backup Multiple Vulnerabilities
|
|
3. CA Secure Content Manager eCSqdmn Denial of Service Vulnerabilities
|
|
4. CA ARCserve Backup Discovery Service Denial of Service
|
|
5. CA Products Alert Notification Server Multiple Vulnerabilities
|
|
6. CA Products Ingres User Authentication Security Issue
|
|
7. CA BrightStor ARCServe Backup Multiple Vulnerabilities
|
|
8. CA Message Queuing Server Buffer Overflow Vulnerability
|
|
9. CA eTrust Intrusion Detection CallCode ActiveX Control Insecure Methods
|
|
10. CA Products Alert Notification Server Multiple Buffer Overflows
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
