DoS vulnerability in CA's intrusion detection products
A vulnerability in CA's eTrust Intrusion Detection solution can be exploited to shut down the administration service. According to iDefense, all an attacker needs to do is to send manipulated packets during log-in to the service listening on TCP port 9191. When a defective session key is transferred to protect the connection, the service overflows the heap, causing a crash. This security hole affects eTrust Intrusion Detection 2.0 SP1, 3.0 and 3.0 SP1. CA has issued patches to solve the problem.
- Computer Associates eTrust Intrusion Detection Denial of Service Vulnerability, Error report from iDefense
- Security Notice for eTrust Intrusion Detection, Error report from CA