Layered Defense Advisory: Format String Vuln in CA eTrust

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Layered Defense Advisory: Format String Vuln in CA eTrust
From: dh@xxxxxxxxxxxxxxxxxx
Date: 28 Jun 2006 00:24:31 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

=============================================================== 
                                     Layered Defense Advisory 27 June 2006
===============================================================
1) Affected Software  
Computer Associates: eTrust Antivirus 8.0
Computer Associates: eTrust PestPatrol 8.0
Computer Associates: Integrated Threat Management 8.0 
===============================================================
2) Severity 
Rating: Medium risk
Impact: Execution of arbitrary code, rights escalation and at a minimum, denial 
of service.
===============================================================
3) Description of Vulnerability 
A format string vulnerability was discovered within etrust Antivirus 8.0. The 
vulnerability is due to improper processing of format strings within the scan 
job description field. An attacker could create a scan job containing special 
crafted format strings that could potential lead to execution of arbitrary 
code, rights escalation and at a minimum denial of service.
Other effected software identified by vendor:
Computer Associates: eTrust PestPatrol 8.0
Computer Associates: Integrated Threat Management 8.0 
===============================================================
4) Solution
 
This vulnerability is addressed by vendor in Content 
Update build 432. 
Client GUI Vulnerability Content Update - build 432
http://supportconnectw.ca.com/public/eitm/infodocs/etrustitmvuln-contentupdate.asp
===============================================================
5) Time Table 
05/04/2006 ? Reported Vulnerability to Vendor. 
06/27/2006 ? Vulnerability fixed & public disclosure. 
===============================================================
6) Credits 
Discovered by Deral Heiland, www.LayeredDefense.com 
===============================================================
7) References 
CAID: 34325
CAID Advisory link: 
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34325

CVE Reference: 
CVE-2006-3223 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3223

OSVDB Reference: 
OSVDB-26654 http://osvdb.org/26654
===============================================================
9) About Layered Defense 
Layered Defense, Is a group of security professionals that work together on 
ethical Research, Testing and Training within the information security arena.
http://www.layereddefense.com
===============================================================

Prev by Date: PHPClassifieds General
Next by Date: Re: Files and cvars overwriting in Quake 3 engine (1.32c / rev 803 / ...)
Previous by thread: PHPClassifieds General
Next by thread: [KAPDA]http://myimei.com/security/2006-06-24/mybb104archive-modelight-parameter-extractionvarable-overwriting.html
Index(es):
- Date
- Thread