Computer Associates eTrust Intrusion Detection System Remote Denial of Service Vulnerability
BID:13017
Info
| Bugtraq ID: | 13017 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2005-0968 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 05 2005 12:00AM |
| Updated: | Jul 12 2009 11:56AM |
| Credit: | Discovery is credited to an anonymous researcher. |
| Vulnerable: | Computer Associates eTrust Intrusion Detection 3.0 SP 1; Computer Associates eTrust Intrusion Detection 3.0 |
| Not Vulnerable: | |
Discussion
eTrust Intrusion Detection System is reported prone to a remote denial of service vulnerability.
This vulnerability specifically arises due to the improper use of the Microsoft Crypto API function called 'CPImportKey'. eTrust Intrusion Detection System employs the Microsoft Crypto API functionality without wrapper functions to validate user-supplied input and is susceptible to denial of service attacks.
A successful attack can crash the application by exhausting memory resources. This can facilitate further attacks against the network and allow attacks to go undetected.
eTrust Intrusion Detection System 3.0 and 3.0 SP1 are reported vulnerable.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
The vendor has released patches to address this issue.
Computer Associates eTrust Intrusion Detection 3.0 SP 1
- Computer Associates QO66178
  http://supportconnectw.ca.com/premium/etrust/etrust_intrusion/downloads/eid-solpatch_r30.asp#rel30sp1
Computer Associates eTrust Intrusion Detection 3.0
- Computer Associates QO66181
  http://supportconnectw.ca.com/premium/etrust/etrust_intrusion/downloads/eid-solpatch_r30.asp#rel30
References
References:
- eTrust Intrusion Detection Product Home Page (Computer Associates)
- Computer Associates eTrust Intrusion Detection System CPImportKey DoS (iDEFENSE Labs)