Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:2039
HistoryJul 26, 2007 - 12:00 a.m.

CA ETrust Intrusion Detection Caller.dll控件远程代码执行漏洞

2007-07-2600:00:00
Root
www.seebug.org
25

EPSS

0.944

Percentile

99.2%

JSON

BUGTRAQ ID: 25050
CVE(CAN) ID: CVE-2007-3302

CA的eTrust Intrusion Detection是功能强大的基于网络的入侵检测系统。

eTrust Intrusion Detection的ActiveX控制实现上存在漏洞,远程攻击者可能利用此漏洞控制用户系统。

在安装eTrust Intrusion Detection时会注册以下ActiveX控件:

文件:Caller.dll
Clsid:41266C21-18D8-414B-88C0-8DCA6C25CEA0

这个控件中的多个函数允许恶意的网页加载任意DLL并使用可控的参数调用导出,因此允许攻击者以登录用户的权限执行任意指令。

Computer Associates eTrust Intrusion Detection 3.0 SP1
Computer Associates eTrust Intrusion Detection 3.0
临时解决方法:

1 使用注册表编辑器导航到HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility{41266C21-18D8-414B-88C0-8DCA6C25CEA0}。如果该键不存在的话,请创建
2 创建名为Compatibility Flags的DWORD值,并设置为0x00000400
3 重启Internet Explorer

厂商补丁:

Computer Associates

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&amp;searchID=QO89893” target=“_blank”>http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&amp;searchID=QO89893</a>
<a href=“http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&amp;searchID=QO89881” target=“_blank”>http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&amp;searchID=QO89881</a>

Related

securityvulns 3
saint 4
cve 1
checkpoint_advisories 1
cvelist 1
prion 1
nvd 1
securityvulns
securityvulns
[Full-disclosure] [CAID 35524]: CA eTrust Intrusion Detection caller.dll Vulnerability
2007-07-25 00:00:00
Computer Associates eTrust Intrusion Detection code execution
2007-07-25 00:00:00
iDefense Security Advisory 07.24.07: Computer Associates eTrust Intrusion Detection CallCode ActiveX Control Code Execution Vulnerability
2007-07-25 00:00:00
saint
saint
CA eTrust Intrusion Detection CallCode ActiveX vulnerability
2007-08-09 00:00:00
CA eTrust Intrusion Detection CallCode ActiveX vulnerability
2007-08-09 00:00:00
CA eTrust Intrusion Detection CallCode ActiveX vulnerability
2007-08-09 00:00:00
cve
cve
CVE-2007-3302
2007-07-26 00:30:00
checkpoint_advisories
checkpoint_advisories
CA eTrust Intrusion Detection CallCode ActiveX Control Code Execution (CVE-2007-3302)
2007-10-10 00:00:00
cvelist
cvelist
CVE-2007-3302
2007-07-26 00:00:00
prion
prion
Code injection
2007-07-26 00:30:00
nvd
nvd
CVE-2007-3302
2007-07-26 00:30:00

EPSS

0.944

Percentile

99.2%

JSON
Related for SSV:2039
securityvulns3saint4cve1checkpoint_advisories1cvelist1prion1nvd1