Lexa Software: Security-Alerts@yandex-team.ru archive

		Apache-Talk @lexa.ru
		Inet-Admins @info.east.ru
		Filmscanners @halftone.co.uk
		Security-alerts @yandex-team.ru
		nginx-ru @sysoev.ru

СТАТЬИ

ПЕРСОНАЛЬНОЕ

ПРОГРАММЫ

ПИШИТЕ
ПИСЬМА

АРХИВ :: Security-alerts

Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: [SA26155] CA Products CHM and RAR File Processing Denial of Service Vulnerabilities

To: "security-alerts@xxxxxxxxxxxxxx" <security-alerts@xxxxxxxxxxxxxx>
Subject: [security-alerts] FW: [SA26155] CA Products CHM and RAR File Processing Denial of Service Vulnerabilities
From: "Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>
Date: Thu, 26 Jul 2007 11:17:11 +0400
Accept-language: ru-RU, en-US
Acceptlanguage: ru-RU, en-US
Content-language: ru-RU
List-archive: <http://www.lexa.ru/security-alerts/> (Web Archive)
List-id: <security-alerts.yandex-team.ru>
List-subscribe: <mailto:majordomo@yandex-team.ru?body=subscribe%20security-alerts>
List-unsubscribe: <mailto:majordomo@yandex-team.ru?body=unsubscribe%20security-alerts>
Thread-index: AcfPEWXkj8Q40/9FR6GR57LEGh281AAQ43Hw
Thread-topic: [SA26155] CA Products CHM and RAR File Processing Denial of Service Vulnerabilities

>
> TITLE:
> CA Products CHM and RAR File Processing Denial of Service
> Vulnerabilities
>
> SECUNIA ADVISORY ID:
> SA26155
>
> VERIFY ADVISORY:
> http://secunia.com/advisories/26155/
>
> CRITICAL:
> Moderately critical
>
> IMPACT:
> DoS
>
> WHERE:
> From remote
>
> SOFTWARE:
> eTrust Secure Content Manager (SCM)
> http://secunia.com/product/3391/
> eTrust Intrusion Detection 3.x
> http://secunia.com/product/3390/
> eTrust Intrusion Detection 2.x
> http://secunia.com/product/14867/
> eTrust Internet Security Suite 2.x
> http://secunia.com/product/14436/
> eTrust Internet Security Suite 1.x
> http://secunia.com/product/14435/
> eTrust EZ Armor 3.x
> http://secunia.com/product/14863/
> eTrust EZ Armor 2.x
> http://secunia.com/product/4092/
> eTrust EZ Armor 1.x
> http://secunia.com/product/14862/
> eTrust Antivirus 7.x
> http://secunia.com/product/2198/
> eTrust Antivirus 6.x
> http://secunia.com/product/4088/
> CA Unicenter Network and Systems Management (NSM) 3.x
> http://secunia.com/product/1683/
> CA Unicenter Network and Systems Management (NSM) 11.x
> http://secunia.com/product/14437/
> CA Threat Manager 8.x
> http://secunia.com/product/7112/
> CA Protection Suites 3.x
> http://secunia.com/product/14804/
> CA Protection Suites 2.x
> http://secunia.com/product/14865/
> CA Internet Security Suite 2007 (3.x)
> http://secunia.com/product/14434/
> CA Anti-Virus Gateway 7.x
> http://secunia.com/product/14864/
> CA Anti-Virus for the Enterprise 8.x
> http://secunia.com/product/10672/
> CA Anti-Virus 2007 (8.x)
> http://secunia.com/product/14433/
> CA Anti-Spyware 8.x
> http://secunia.com/product/10673/
> CA Anti-Spyware 2007
> http://secunia.com/product/14866/
> BrightStor Enterprise Backup 10.x
> http://secunia.com/product/314/
> BrightStor ARCserve Backup Client Agent 11.x
> http://secunia.com/product/8119/
> BrightStor ARCserve Backup 9.x
> http://secunia.com/product/313/
> BrightStor ARCserve Backup 11.x (for Windows)
> http://secunia.com/product/3099/
> BrightStor ARCserve Backup 11.x (for Oracle)
> http://secunia.com/product/8147/
> BrightStor ARCserve Backup 11.x (for Open Files)
> http://secunia.com/product/8250/
> BrightStor ARCserve Backup 11.x (for Microsoft SQL Server)
> http://secunia.com/product/8144/
> BrightStor ARCserve Backup 11.x
> http://secunia.com/product/312/
> CA Common Services (CCS) 11.x
> http://secunia.com/product/14868/
> CA Anti-Virus SDK
> http://secunia.com/product/14869/
>
> DESCRIPTION:
> Two vulnerabilities have been reported in various CA products, which
> can be exploited by malicious people to cause a DoS (Denial of
> Service).
>
> 1) An input validation error when processing CHM files can be
> exploited to cause an infinite loop via a specially crafted CHM file
> with an invalid 'previous listing chunk number' field.
>
> 2) An unspecified error when processing RAR archives can be exploited
> to cause the application to hang when e.g. scanning a specially
> crafted RAR archive.
>
> The vulnerabilities affect the following products:
> * CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.0,
> 7.1, r8, r8.1
> * CA Anti-Virus 2007 (v8)
> * eTrust EZ Antivirus r7, r6.1
> * CA Internet Security Suite 2007 (v3)
> * eTrust Internet Security Suite r1, r2
> * eTrust EZ Armor r1, r2, r3.x
> * CA Threat Manager for the Enterprise (formerly eTrust Integrated
> Threat Management) r8
> * CA Anti-Virus Gateway (formerly eTrust Antivirus eTrust Antivirus
> Gateway) 7.1
> * CA Protection Suites r2, r3
> * CA Secure Content Manager (formerly eTrust Secure Content Manager)
> 1.1, 8.0
> * CA Anti-Spyware for the Enterprise (Formerly eTrust PestPatrol) r8,
> 8.1
> * CA Anti-Spyware 2007
> * Unicenter Network and Systems Management (NSM) r3.0
> * Unicenter Network and Systems Management (NSM) r3.1
> * Unicenter Network and Systems Management (NSM) r11
> * Unicenter Network and Systems Management (NSM) r11.1
> * BrightStor ARCserve Backup r11.5
> * BrightStor ARCserve Backup r11.1
> * BrightStor ARCserve Backup r11 for Windows
> * BrightStor Enterprise Backup r10.5
> * BrightStor ARCserve Backup v9.01
> * BrightStor ARCserve Client agent for Windows
> * eTrust Intrusion Detection 2.0 SP1, 3.0, 3.0 SP1
> * CA Common Services (CCS) r11
> * CA Common Services (CCS) r11.1
> * CA Anti-Virus SDK (formerly eTrust Anti-Virus SDK)
>
> SOLUTION:
> Apply updates.
>
> CA Secure Content Manager 1.1:
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO89469
>
> CA Secure Content Manager 8.0:
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO87114
>
> Unicenter Network and Systems Management (NSM) r3.0:
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO89141
>
> Unicenter Network and Systems Management (NSM) r3.1:
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO89139
>
> Unicenter Network and Systems Management (NSM) r11:
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO89140
>
> Unicenter Network and Systems Management (NSM) r11.1:
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO89138&startsearch=1
>
> CA Common Services (CCS) r11:
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO89140
>
> CA Common Services (CCS) r11.1:
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO89138&startsearch=1
>
> CA Anti-Virus Gateway 7.1:
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO89381&startsearch=1
>
> eTrust Intrusion Detection 2.0 sp1:
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO89474&startsearch=1
>
> eTrust Intrusion Detection 3.0:
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86925&startsearch=1
>
> eTrust Intrusion Detection 3.0 sp1:
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86923&startsearch=1
>
> CA Protection Suites r2:
> Apply updates for CA Anti-Virus 7.1.
>
> BrightStor ARCserve Backup and BrightStor ARCserve Client agent for
> Windows:
> Replace the arclib.dll file with the one provided in the CA
> Anti-Virus 7.1 fix set. Please see the vendor's advisory for
> details.
>
> CA Anti-Virus 7.1 (Solaris):
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86831
>
> CA Anti-Virus 7.1 (Netware):
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86832
>
> CA Anti-Virus 7.1 (MacPPC):
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86833
>
> CA Anti-Virus 7.1 (MacIntel):
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86834
>
> CA Anti-Virus 7.1 (Linux390):
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86835
>
> CA Anti-Virus 7.1 (Linux):
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86836
>
> CA Anti-Virus 7.1 (HP-UX):
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86837
>
> CA Anti-Virus 7.1 (Windows NT 32 bit):
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86843
>
> CA Anti-Virus 7.1 (Windows NT AMD64):
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86846
>
> CA Threat Manager for the Enterprise r8.1 (Linux):
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86839
>
> CA Threat Manager for the Enterprise r8.1 (Mac):
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86828
>
> CA Threat Manager for the Enterprise r8.1 (Solaris):
> http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searc
> hID=QO86829
>
> PROVIDED AND/OR DISCOVERED BY:
> 1) Discovered by an anonymous person and reported via iDefense Labs.
> 2) The vendor credits Titon of BastardLabs and Damian Put, reported
> via iDefense Labs.
>
> ORIGINAL ADVISORY:
> CA:
> http://supportconnectw.ca.com/public/antivirus/infodocs/caprod
> arclib-secnot.asp
>
> iDefense Labs:
> http://labs.idefense.com/intelligence/vulnerabilities/display.
> php?id=567
>

Prev by Date: [security-alerts] FW: [SA26190] CA Message Queuing Server Buffer Overflow Vulnerability
Next by Date: [security-alerts] FYI: Cox Tries to Erase Bots
Previous by thread: [security-alerts] FW: [SA26190] CA Message Queuing Server Buffer Overflow Vulnerability
Next by thread: [security-alerts] FYI: Cox Tries to Erase Bots
Index(es):
- Date
- Thread