CA Antivirus Engine Multiple Scan Evasion

medium Nessus Plugin ID 35473

Synopsis

An antivirus application installed on the remote host is affected by multiple scan evasion vulnerabilities.

Description

The Computer Associates (CA) antivirus scan engine installed on the remote host is affected by multiple scan evasion vulnerabilities due to a failure to handle certain malformed archive files. An attacker can exploit this, via crafted archive files, to evade detection by the scan engine.

Solution

Refer to the vendor advisory to apply the appropriate patch or update.

See Also

http://www.nessus.org/u?98dd1f65

http://www.nessus.org/u?3fcf32b0

https://seclists.org/fulldisclosure/2009/May/99

https://www.securityfocus.com/archive/1/503447/30/0/threaded

Plugin Details

Severity: Medium

ID: 35473

File Name: ca_av_archive_file_evasion.nasl

Version: 1.16

Type: local

Agent: windows

Family: Windows

Published: 1/28/2009

Updated: 11/15/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 1/27/2009

Reference Information

CVE: CVE-2009-0042

BID: 33464