Detections
Analytics

CA eTrust Intrusion Detection CPImportKey Function Overflow DoS

medium Nessus Plugin ID 18537

Language:

Synopsis

It is possible to crash the remote IDS service.

Description

The remote host is running CA eTrust Intrusion Detection System, a security solution with intrusion detection, antivirus, web filtering and session monitoring.

The remote version of this software is affected by a denial of service vulnerability in the way it uses 'CPImportKey' function. An attacker can exploit this issue to crash the remote service by sending a specially crafted administration packet.

Solution

Upgrade to version 3.0.5.57 or later.

See Also

http://www.nessus.org/u?001dcaf3

https://www.securityfocus.com/archive/1/395012

http://www.nessus.org/u?86be784a

Plugin Details

Severity: Medium

ID: 18537

File Name: etrust_dos.nasl

Version: 1.21

Type: remote

Agent: windows

Family: Windows

Published: 6/21/2005

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Required KB Items: eTrust/intrusion_detection_system

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 4/6/2005

Reference Information

CVE: CVE-2005-0968

BID: 13017