CA Multiple Products Console Server and InoCore.dll Remote Code Execution Vulnerabilities
BID:23906
Info
| Bugtraq ID: | 23906 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2007-2522, CVE-2007-2523 |
| Remote: | Yes |
| Local: | No |
| Published: | May 09 2007 12:00AM |
| Updated: | May 11 2007 07:38PM |
| Credit: | Tenable Network Security is credited with discovering this issue. |
| Vulnerable: | Computer Associates Protection Suites r3; Computer Associates eTrust PestPatrol Anti-spyware Corporate Edition r8; Computer Associates eTrust Integrated Threat Management 8.0; Computer Associates eTrust EZ Antivirus 8 |
| Not Vulnerable: | |
Discussion
Multiple products by Computer Associates are prone to multiple vulnerabilities that will allow remote attackers to execute arbitrary code on an affected computer.
Successful exploits will allow attacker-supplied arbitrary code to run within the context of the affected server. Failed exploit attempts will likely cause denial-of-service conditions.
Exploit / POC
The following exploit is available:
Solution / Fix
Solution:
The vendor has released fixes to address these issues. Please contact the vendor for information on how to obtain and apply updates.
References
References:
- CA Multiple Products Remote Code Vulnerabilities (Computer Associates)
- Computer Associates Homepage (Computer Associates)
- eTrust EZAntivirus Home Page (Computer Associates)
- [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Cons (Williams, James K)
- ZDI-07-028: CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability (ZDI)
- Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability ([email protected])
- Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability (iDefense Labs)
- VU#680616: Computer Associates eTrust AntiVirus Server buffer overflow (US-CERT)
- VU#788416: Computer Associates AntiVirus InoTask buffer overflow vulnerability (US-CERT)