what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

CA Security Advisory 35112

CA Security Advisory 35112
Posted Mar 6, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA eTrust Intrusion Detection contains a vulnerability that can allow a remote attacker to cause a denial of service condition. Affected Products include eTrust Intrusion Detection 3.0 SP1, eTrust Intrusion Detection 3.0, and eTrust Intrusion Detection 2.0 SP1.

tags | advisory, remote, denial of service
advisories | CVE-2007-1005
SHA-256 | c4aff44d742dff175c969692af2d23c9c6f951c0f4edf0ab1e710a1fed11ce69

CA Security Advisory 35112

Change Mirror Download

Title: [CAID 35112]: CA eTrust Intrusion Detection Denial of Service
Vulnerability

CA Vuln ID (CAID): 35112

CA Advisory Date: 2007-02-27

Reported By: iDefense

Impact: Remote attackers can cause a denial of service condition.

Summary: CA eTrust Intrusion Detection contains a vulnerability that
can allow a remote attacker to cause a denial of service condition.

Mitigating Factors: None

Severity: CA has given this vulnerability a Medium risk rating.

Affected Products:
eTrust Intrusion Detection 3.0 SP1
eTrust Intrusion Detection 3.0
eTrust Intrusion Detection 2.0 SP1

Affected Platforms:
Windows

Status and Recommendation:
Customers with vulnerable versions of the eTrust Intrusion Detection
product should upgrade with the latest patches, which are available
for download from http://supportconnect.ca.com.

eTrust Intrusion Detection 3.0 SP1 - QO85469
eTrust Intrusion Detection 3.0 - QO85472
eTrust Intrusion Detection 2.0 SP1 - QO85488

How to determine if the installation is affected:
1. Locate the file SW3eng.exe with Windows Explorer. For 3.0 and 3.0
SP1, the file is located in the
"Program Files\CA\eTrust\Intrusion Detection\engine\" directory. For
2.0, the file is located in the
"Program Files\eTrust\Intrusion Detection\engine\" directory.
2. Right click SW3eng.exe and choose Properties
3. Select the Version tab

The installation is vulnerable if the version of SW3eng.exe is less
than the version indicated below:
eTrust Intrusion Detection 3.0 SP1 - SW3eng.exe 3.0.5.80
eTrust Intrusion Detection 3.0 - SW3eng.exe 3.0.2.07
eTrust Intrusion Detection 2.0 SP1 - SW3eng.exe 2.0.0.41

Workaround:
In the case where applying the patch is not feasible, ensure only
authorized hosts are permitted to connect to the Engine service port,
9191 by default, on the host running eTrust Intrusion Detection.

References (URLs may wrap):
CA SupportConnect:
http://supportconnect.ca.com/
CA SupportConnect Security Notice for this vulnerability:
Security Notice for eTrust Intrusion Detection
http://supportconnectw.ca.com/public/ca_common_docs/eid_secnotice.asp
Solution Document Reference APARs:
QO85469, QO85472, QO85488
CA Security Advisor posting:
CA eTrust Intrusion Detection Denial of Service Vulnerability
http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=100784
CAID: 35112
CAID Advisory link:
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=35112
Reported By: iDefense
iDefense advisory 02.27.07:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=484
CVE Reference: CVE-2007-1005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1005
OSVDB Reference: OSVDB ID: 32290
http://osvdb.org/32290

Changelog for this advisory:
v1.0 - Initial Release

Customers who require additional information should contact CA
Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory, please
send email to vuln AT ca DOT com.

If you discover a vulnerability in CA products, please report your
findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability"
form.
URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx


Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research

CA, One CA Plaza, Islandia, NY 11749

Contact http://www3.ca.com/contact/
Legal Notice http://www3.ca.com/legal/
Privacy Policy http://www3.ca.com/privacy/
Copyright (c) 2007 CA. All rights reserved.
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close