eTrust IDS has backdoor? ROFLCOPTER!!!
Results 1 to 2 of 2

Thread: eTrust IDS has backdoor? ROFLCOPTER!!!

  1. #1
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    Location
    Earth
    Posts
    397

    Exclamation eTrust IDS has backdoor? ROFLCOPTER!!!

    Just FYI - CC

    Original release date: 7/25/2007
    Last revised: 7/26/2007
    Source: US-CERT/NIST


    Overview

    The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions."


    Impact

    CVSS Severity (version 2.0):
    CVSS v2 Base score: 9.3 (High) (AV:N/AC:M/Au:N/C:C/I:C/A:C) (legend)
    Impact Subscore: 10.0
    Exploitability Subscore: 8.6

    Access Vector: Network exploitable , Victim must voluntarily interact with attack mechanism
    Access Complexity: Medium
    Authentication: Not required to exploit
    Impact Type: Provides administrator access, Allows complete confidentiality, integrity, and availability violation , Allows unauthorized disclosure of information , Allows disruption of service


    References to Advisories, Solutions, and Tools

    External Source: BID (disclaimer)

    Name: 25050

    Type: Patch Information
    Hyperlink: http://www.securityfocus.com/bid/25050


    External Source: FRSIRT (disclaimer)

    Name: ADV-2007-2640

    Type: Advisory , Patch Information
    Hyperlink: http://www.frsirt.com/english/advisories/2007/2640


    External Source: (disclaimer)

    Type: Patch Information
    Hyperlink: http://supportconnectw.ca.com/public...vilnsecnot.asp


    External Source: SECUNIA (disclaimer)

    Name: 26134

    Type: Advisory , Patch Information
    Hyperlink: http://secunia.com/advisories/26134


    External Source: IDEFENSE (disclaimer)

    Name: 20070724 Computer Associates eTrust Intrusion Detection CallCode ActiveX Control Code Execution Vulnerability

    Type: Patch Information
    Hyperlink: http://labs.idefense.com/intelligenc...lay.php?id=568


    External Source: XF (disclaimer)

    Name: ca-etrust-caller-code-execution(35565)

    Hyperlink: http://xforce.iss.net/xforce/xfdb/35565


    Vulnerable software and versions

    Configuration 1
    − CA, ETrust Intrusion Detection, 3.0
    − CA, ETrust Intrusion Detection, 3.0 Sp1
    − CA, ETrust Intrusion Detection, 3.05.81



    Technical Details

    Vulnerability Type: Design Error


    CVE Standard Vulnerability Entry:
    http://cve.mitre.org/cgi-bin/cvename...=CVE-2007-3302


    Common Platform Enumeration:
    http://nvd.nist.gov/cpe.cfm?cvename=CVE-2007-3302
    Windows 9x: n. A collection of 32 bit extensions and a graphical shell for a 16 bit patch to an 8 bit operating system originally coded for a 4 bit microprocessor. Written by a 2 bit company that can\'t stand 1 bit of competition.


  2. #2
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Not really surprising I suppose, several security products have been found to be vulnerable over the past 18 months or so.

    I guess when they were designed people thought that malware and hackers would just try to disable them, which was previously the normal behaviour. They never expected attempts to actively exploit them.

    I have also noticed a trend towards moving from operating system based attacks to applications based attacks. I guess all applications have hitherto been wallowing in a false sense of security.

    I am no technical expert, but I would imagine that application based attacks are attractive because the target is relatively soft and there is a far greater cross platform potential?
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Similar Threads

  1. eTrust EZ AntiVirus.
    By HippoDuck in forum AntiVirus Discussions
    Replies: 10
    Last Post: December 12th, 2005, 08:39 PM
  2. CA Etrust Released New Version 6.2 Antivirus Software
    By TSR in forum AntiVirus Discussions
    Replies: 0
    Last Post: May 23rd, 2004, 06:01 AM
  3. eTrust Antivirus Beta V 6.2.0.21
    By TSR in forum AntiVirus Discussions
    Replies: 3
    Last Post: April 4th, 2004, 03:47 AM
  4. Understanding the eTrust Antivirus Event Log
    By AngelicKnight in forum AntiVirus Discussions
    Replies: 2
    Last Post: January 23rd, 2004, 04:15 AM
  5. Problem with eTrust Antivirus
    By AngelicKnight in forum AntiVirus Discussions
    Replies: 8
    Last Post: December 17th, 2003, 07:24 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides