Lucene search

SAINT CorporationSAINT:6F09E343FED80B69E079401274E41C6C

HistoryAug 09, 2007 - 12:00 a.m.

CA eTrust Intrusion Detection CallCode ActiveX vulnerability

2007-08-0900:00:00

SAINT Corporation

my.saintcorporation.com

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.944

Percentile

99.2%

JSON

Added: 08/09/2007
CVE: CVE-2007-3302
BID: 25050
OSVDB: 37698

Background

CA eTrust Intrusion Detection includes the CallCode (**Caller.dll**) ActiveX control.

Problem

The CallCode ActiveX control is incorrectly marked safe for scripting. This ActiveX control contains scriptable functions which, if a user loads an attacker’s web page, could be used to load arbitrary DLLs and execute the code contained within.

Resolution

Apply update QO89893 for eTrust Intrusion Detection 3.0 or QO89881 for eTrust Intrusion Detection 3.0 SP1.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=568>
<http://supportconnectw.ca.com/public/etrust/etrust_intrusion/infodocs/eid-callervilnsecnot.asp>

Limitations

Exploit works on CA eTrust Intrusion Detection 3.0 SP1 and requires a user to load the exploit page into Internet Explorer.

In order for this exploit to succeed, the SAINTexploit host must be able to bind to port 69/UDP, and the target host must have access to it.

Platforms

Windows

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.944

Percentile

99.2%

JSON

Related for SAINT:6F09E343FED80B69E079401274E41C6C