|
|
|
|
CA Products CHM and RAR File Processing Denial of Service Vulnerabilities
|
|
Secunia Advisory:
|
SA26155
|
|
|
Release Date:
|
2007-07-25
|
|
Last Update:
|
2007-07-26
|
|
Popularity:
|
16,926 views
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
DoS
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | BrightStor ARCserve Backup 11.x
BrightStor ARCserve Backup 11.x (for Microsoft SQL Server)
BrightStor ARCserve Backup 11.x (for Open Files)
BrightStor ARCserve Backup 11.x (for Oracle)
BrightStor ARCserve Backup 11.x (for Windows)
BrightStor ARCserve Backup 9.x
BrightStor ARCserve Backup Client Agent 11.x
BrightStor Enterprise Backup 10.x
CA Anti-Spyware 2007
CA Anti-Spyware 8.x
CA Anti-Virus 2007 (8.x)
CA Anti-Virus for the Enterprise 8.x
CA Anti-Virus Gateway 7.x
CA Anti-Virus SDK
CA Common Services (CCS) 11.x
CA Internet Security Suite 2007
CA Protection Suites 2.x
CA Protection Suites 3.x
CA Threat Manager 8.x
CA Unicenter Network and Systems Management (NSM) 11.x
CA Unicenter Network and Systems Management (NSM) 3.x
eTrust Antivirus 6.x
eTrust Antivirus 7.x
eTrust EZ Armor 1.x
eTrust EZ Armor 2.x
eTrust EZ Armor 3.x
eTrust Internet Security Suite 1.x
eTrust Internet Security Suite 2.x
eTrust Intrusion Detection 2.x
eTrust Intrusion Detection 3.x
eTrust Secure Content Manager (SCM)
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities 
|
| | CVE reference: | CVE-2006-5645
CVE-2007-3875
|
|
Description:
Two vulnerabilities have been reported in various CA products, which can be exploited by malicious people to cause a DoS (Denial of Service).
1) An input validation error when processing CHM files can be exploited to cause an infinite loop via a specially crafted CHM file with an invalid 'previous listing chunk number' field.
2) An unspecified error when processing RAR archives can be exploited to cause the application to hang when e.g. scanning a specially crafted RAR archive.
The vulnerabilities affect the following products:
* CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.0, 7.1, r8, r8.1
* CA Anti-Virus 2007 (v8)
* eTrust EZ Antivirus r7, r6.1
* CA Internet Security Suite 2007 (v3)
* eTrust Internet Security Suite r1, r2
* eTrust EZ Armor r1, r2, r3.x
* CA Threat Manager for the Enterprise (formerly eTrust Integrated Threat Management) r8
* CA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus Gateway) 7.1
* CA Protection Suites r2, r3
* CA Secure Content Manager (formerly eTrust Secure Content Manager) 1.1, 8.0
* CA Anti-Spyware for the Enterprise (Formerly eTrust PestPatrol) r8, 8.1
* CA Anti-Spyware 2007
* Unicenter Network and Systems Management (NSM) r3.0
* Unicenter Network and Systems Management (NSM) r3.1
* Unicenter Network and Systems Management (NSM) r11
* Unicenter Network and Systems Management (NSM) r11.1
* BrightStor ARCserve Backup r11.5
* BrightStor ARCserve Backup r11.1
* BrightStor ARCserve Backup r11 for Windows
* BrightStor Enterprise Backup r10.5
* BrightStor ARCserve Backup v9.01
* BrightStor ARCserve Client agent for Windows
* eTrust Intrusion Detection 2.0 SP1, 3.0, 3.0 SP1
* CA Common Services (CCS) r11
* CA Common Services (CCS) r11.1
* CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)
Solution:
Apply updates.
CA Secure Content Manager 1.1:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89469
CA Secure Content Manager 8.0:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO87114
Unicenter Network and Systems Management (NSM) r3.0:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89141
Unicenter Network and Systems Management (NSM) r3.1:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89139
Unicenter Network and Systems Management (NSM) r11:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89140
Unicenter Network and Systems Management (NSM) r11.1:
http://supportconnect.ca.com/sc/redir...mp;searchID=QO89138&startsearch=1
CA Common Services (CCS) r11:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89140
CA Common Services (CCS) r11.1:
http://supportconnect.ca.com/sc/redir...mp;searchID=QO89138&startsearch=1
CA Anti-Virus Gateway 7.1:
http://supportconnect.ca.com/sc/redir...mp;searchID=QO89381&startsearch=1
eTrust Intrusion Detection 2.0 sp1:
http://supportconnect.ca.com/sc/redir...mp;searchID=QO89474&startsearch=1
eTrust Intrusion Detection 3.0:
http://supportconnect.ca.com/sc/redir...mp;searchID=QO86925&startsearch=1
eTrust Intrusion Detection 3.0 sp1:
http://supportconnect.ca.com/sc/redir...mp;searchID=QO86923&startsearch=1
CA Protection Suites r2:
Apply updates for CA Anti-Virus 7.1.
BrightStor ARCserve Backup and BrightStor ARCserve Client agent for Windows:
Replace the arclib.dll file with the one provided in the CA Anti-Virus 7.1 fix set. Please see the vendor's advisory for details.
CA Anti-Virus 7.1 (Solaris):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86831
CA Anti-Virus 7.1 (Netware):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86832
CA Anti-Virus 7.1 (MacPPC):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86833
CA Anti-Virus 7.1 (MacIntel):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86834
CA Anti-Virus 7.1 (Linux390):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86835
CA Anti-Virus 7.1 (Linux):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86836
CA Anti-Virus 7.1 (HP-UX):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86837
CA Anti-Virus 7.1 (Windows NT 32 bit):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86843
CA Anti-Virus 7.1 (Windows NT AMD64):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86846
CA Threat Manager for the Enterprise r8.1 (Linux):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86839
CA Threat Manager for the Enterprise r8.1 (Mac):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86828
CA Threat Manager for the Enterprise r8.1 (Solaris):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO86829
Provided and/or discovered by:
1) Independently discovered by:
* Sergio Alvarez, n.runs AG
* An anonymous person and reported via iDefense Labs.
2) The vendor credits Titon of BastardLabs and Damian Put, reported via iDefense Labs.
Changelog:
2007-07-26: Updated "Credits" section and added additional link to n.runs AG advisory.
Original Advisory:
CA:
http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp
iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=567
n.runs AG:
http://www.nruns.com/security_advisory_ca_etrust_chm_infinite_loop_dos.php
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
5th Sep, 2008
|
New advisories:
|
14 |
|
New vulnerabilities:
|
18 |
|
Updated advisories:
|
22 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
 Solutions | More...
|
|
|
|
Send Feedback to Secunia
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
|
