In association with heise online

10 May 2007, 11:46

Several CA products for businesses enable code smuggling


CA has published a security report describing vulnerabilities in its antivirus for Enterprise, Threat Manager and Anti-Spyware products, formerly known as eTrust Antivirus, eTrust Integrated Threat Management and PestPatrol. Attackers might exploit the holes to smuggle in arbitrary program code.

In the console server, which by default listens for connections from the internet on TCP port 12168, a faulty length check can cause an internal buffer overflow. Attackers can apparently exploit this with fraudulent login data to inject and execute foreign code. A similar vulnerability affects the file InoCore.dll, which local users can exploit to execute arbitrary code.

The vulnerabilities affect versions of the files InoWeb.exe and InoCore.dll prior to the current version 8.0.448.0. The manufacturer has released updates, which administrators should install if the automatic update has not already done so.

(mba)

Permalink: http://h-online.com/-732775
 

