Title: CAID 34325 - CA ITM, eAV, ePP scan job description field format string vulnerability
CA Vulnerability ID: 34325
CA Advisory Date: 2006-06-26
Discovered By: Deral Heiland (www.layereddefense.com)
Impact: Attackers can cause a denial of service condition or possibly execute arbitrary code.
Summary: CA Integrated Threat Management, eTrust Antivirus, and eTrust PestPatrol contain a vulnerability that can allow attackers to cause a denial of service condition or possibly execute arbitrary code. The vulnerability is due to improper processing of format strings in the description field of a scan job. An attacker, who can create a scan job containing format string directives, can potentially overwrite memory to cause a crash or execute arbitrary code.
Mitigating Factors: None
Severity: CA has given this vulnerability a Medium risk rating.
Affected Products: CA Integrated Threat Management r8 eTrust Antivirus r8 eTrust PestPatrol Anti-spyware Corporate Edition r8
Status and Recommendation: This vulnerability is addressed in Content Update build 432. Use the content update mechanism to install this update.
References: (URLs may wrap)
CA SupportConnect: http://supportconnect.ca.com/
Client GUI Vulnerability Content Update - build 432 http://supportconnectw.ca.com/public/eitm/infodocs/etrustitmvuln-content update.asp
CAID: 34325 CAID Advisory link: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34325
CVE Reference: CVE-2006-3223 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3223
OSVDB Reference: OSVDB-26654 http://osvdb.org/26654
Changelog for this advisory: v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory, please send email to firstname.lastname@example.org, or contact me directly.
If you discover a vulnerability in CA products, please report your findings to email@example.com, or utilize our "Submit a Vulnerability" form. URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx
Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research
CA, One Computer Associates Plaza. Islandia, NY 11749