Detections
Analytics
CA Antivirus Engine Multiple Scan Evasion
medium Nessus Plugin ID 35473
Synopsis
An antivirus application installed on the remote host is affected by multiple scan evasion vulnerabilities.Description
The Computer Associates (CA) antivirus scan engine installed on the remote host is affected by multiple scan evasion vulnerabilities due to a failure to handle certain malformed archive files. An attacker can exploit this, via crafted archive files, to evade detection by the scan engine.Solution
Refer to the vendor advisory to apply the appropriate patch or update.See Also
http://www.nessus.org/u?98dd1f65
http://www.nessus.org/u?3fcf32b0
https://seclists.org/fulldisclosure/2009/May/99
https://www.securityfocus.com/archive/1/503447/30/0/threaded
Plugin Details
Severity: Medium
ID: 35473
File Name: ca_av_archive_file_evasion.nasl
Version: 1.16
Type: local
Agent: windows
Family: Windows
Published: 1/28/2009
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N
Vulnerability Information
Required KB Items: SMB/Registry/Enumerated
Exploit Ease: No known exploits are available
Vulnerability Publication Date: 1/27/2009
Reference Information
CVE: CVE-2009-0042
BID: 33464