Computer Associates Anti-Virus Drivers Multiple Local Denial Of Service Vulnerabilities

Bugtraq ID:	21593
Class:	Input Validation Error
CVE:	CVE-2006-6496
Remote:	No
Local:	Yes
Published:	Dec 14 2006 12:00AM
Updated:	Jun 26 2007 04:18AM
Credit:	Rubén Santamarta is credited with discovering this vulnerability.
Vulnerable:	Computer Associates CA Internet Security Suite 2007 3.0 Computer Associates Anti-Virus for Vista Beta 8.2 Computer Associates Anti-Virus 2007 8.1
Not Vulnerable:

Computer Associates Anti-Virus Drivers Multiple Local Denial Of Service Vulnerabilities

Computer Associates Anti-Virus is prone to multiple local denial-of-service vulnerabilities because the application fails to properly handle NULL buffers.

An attacker may exploit these issues to crash the affected computer, denying further service to legitimate users.

Computer Associates Anti-Virus Drivers Multiple Local Denial Of Service Vulnerabilities

Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Computer Associates Anti-Virus Drivers Multiple Local Denial Of Service Vulnerabilities

Solution:
The vendor has released patches to address these issues. The automatic update feature can install these patches.

Computer Associates Anti-Virus Drivers Multiple Local Denial Of Service Vulnerabilities

References:

• Computer Associates Homepage (Computer Associates)
  
• [CAID 34870]: CA Anti-Virus vetfddnt.sys, vetmonnt.sys Local Denial of Service V ([email protected])
  
• CA Anti-virus Drivers Multiple local Kernel-Mode DoS vulnerabilities. (Rubén Santamarta)