eTrust IDS has backdoor? ROFLCOPTER!!!
Just FYI - CC
Original release date: 7/25/2007
Last revised: 7/26/2007
Source: US-CERT/NIST
Overview
The CallCode ActiveX control in caller.dll 3.0 before 20070713, and 3.0 SP1 before 3.0.5.81, in CA (formerly Computer Associates) eTrust Intrusion Detection allows remote attackers to load arbitrary DLLs on a client system, and execute code from these DLLs, via unspecified "scriptable functions."
Impact
CVSS Severity (version 2.0):
CVSS v2 Base score: 9.3 (High) (AV:N/AC:M/Au:N/C:C/I:C/A:C) (legend)
Impact Subscore: 10.0
Exploitability Subscore: 8.6
Access Vector: Network exploitable , Victim must voluntarily interact with attack mechanism
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Provides administrator access, Allows complete confidentiality, integrity, and availability violation , Allows unauthorized disclosure of information , Allows disruption of service
References to Advisories, Solutions, and Tools
External Source: BID (disclaimer)
Name: 25050
Type: Patch Information
Hyperlink: http://www.securityfocus.com/bid/25050
External Source: FRSIRT (disclaimer)
Name: ADV-2007-2640
Type: Advisory , Patch Information
Hyperlink: http://www.frsirt.com/english/advisories/2007/2640
External Source: (disclaimer)
Type: Patch Information
Hyperlink: http://supportconnectw.ca.com/public...vilnsecnot.asp
External Source: SECUNIA (disclaimer)
Name: 26134
Type: Advisory , Patch Information
Hyperlink: http://secunia.com/advisories/26134
External Source: IDEFENSE (disclaimer)
Name: 20070724 Computer Associates eTrust Intrusion Detection CallCode ActiveX Control Code Execution Vulnerability
Type: Patch Information
Hyperlink: http://labs.idefense.com/intelligenc...lay.php?id=568
External Source: XF (disclaimer)
Name: ca-etrust-caller-code-execution(35565)
Hyperlink: http://xforce.iss.net/xforce/xfdb/35565
Vulnerable software and versions
Configuration 1
− CA, ETrust Intrusion Detection, 3.0
− CA, ETrust Intrusion Detection, 3.0 Sp1
− CA, ETrust Intrusion Detection, 3.05.81
Technical Details
Vulnerability Type: Design Error
CVE Standard Vulnerability Entry:
http://cve.mitre.org/cgi-bin/cvename...=CVE-2007-3302
Common Platform Enumeration:
http://nvd.nist.gov/cpe.cfm?cvename=CVE-2007-3302
