La mayoría de los productos afectados son corregidos gracias a las actualizaciones automáticas, si bien los usuarios de eTrust EZ Antivirus 6.x y eTrust EZ Armor 2.x deberán actualizar a versiones superiores para prevenir los ataques.
Actualización de eTrust EZ Armor 2.x a versión 3.1.
http://consumerdownloads.ca.com/myeTrust/apps/EZArmor.exe
Actualización de eTrust EZ Antivirus 6.x a versión 7.
http://consumerdownloads.ca.com/myeTrust/apps/EZAntivirus.exe
Los productos afectados, según el aviso de Computer Associates, son:
Computer Associates: BrightStor ARCserve Backup (BAB) r11.1 Windows Computer Associates: eTrust Antivirus 6.0 Linux Computer Associates: eTrust Antivirus 6.0 Notes/Exchange Computer Associates: eTrust Antivirus 6.0 Solaris Computer Associates: eTrust Antivirus 6.0 Windows 95/98/ME Computer Associates: eTrust Antivirus 6.0 Windows NT/2000/XP Computer Associates: eTrust Antivirus 6.0 Windows NT/2000/XP SP1 Computer Associates: eTrust Antivirus 6.0 Windows NT/2000/XP SP2 Computer Associates: eTrust Antivirus 7.0 Notes/Exchange Computer Associates: eTrust Antivirus 7.0 Solaris Computer Associates: eTrust Antivirus 7.0 Windows 95/98/ME Computer Associates: eTrust Antivirus 7.0 Windows NT/2000/XP Computer Associates: eTrust Antivirus 7.1 Notes/Exchange Computer Associates: eTrust Antivirus 7.1 Solaris Computer Associates: eTrust Antivirus 7.1 Windows NT/2000/XP Computer Associates: eTrust Antivirus for the Gateway 7.0 Computer Associates: eTrust Antivirus for the Gateway r7.1 Computer Associates: eTrust EZ Antivirus 2005 (v6.2) Computer Associates: eTrust EZ Antivirus 6.1 Computer Associates: eTrust EZ Antivirus 6.1.0.24 Computer Associates: eTrust EZ Antivirus 6.1.3.1 Computer Associates: eTrust EZ Antivirus 6.1.4.0 Computer Associates: eTrust EZ Antivirus 6.1.5.8 Computer Associates: eTrust EZ Antivirus 6.1.7.0 Computer Associates: eTrust EZ Antivirus 6.2 Computer Associates: eTrust EZ Antivirus 6.3 Computer Associates: eTrust EZ Antivirus 6.4 Computer Associates: eTrust EZ Antivirus 7 Computer Associates: eTrust EZ Antivirus 7.0.0 Computer Associates: eTrust EZ Antivirus 7.0.1 Computer Associates: eTrust EZ Antivirus 7.0.1.4 Computer Associates: eTrust EZ Antivirus 7.0.2 Computer Associates: eTrust EZ Antivirus 7.0.2.1 Computer Associates: eTrust EZ Antivirus 7.0.3 Computer Associates: eTrust EZ Antivirus 7.0.4 Computer Associates: eTrust EZ Antivirus 7.0.5 Computer Associates: eTrust Intrusion Detection 1.4.1.13 Computer Associates: eTrust Intrusion Detection 2.0 Computer Associates: eTrust Intrusion Detection 2.0 SP1 Computer Associates: eTrust Intrusion Detection 3.0 Computer Associates: eTrust Intrusion Detection 3.0SP1 Computer Associates: eTrust Secure Content Manager 1.0 Computer Associates: eTrust Secure Content Manager 1.0 SP1 Computer Associates: eTrust Secure Content Manager 1.1 Computer Associates: EZ Armor 2.0 Computer Associates: EZ Armor 2.0.13 Computer Associates: EZ Armor 2.0.6 Computer Associates: EZ Armor 2.3 Computer Associates: EZ Armor 2.4 Computer Associates: EZ Armor 2.4.4 Computer Associates: EZ Armor 3.1 Computer Associates: EZ Armor LE 2.0 Computer Associates: EZ Armor LE 3.0.0.14 Computer Associates: InoculateIT 6.0 Computer Associates: Vet Antivirus 10.66
Más información:
Computer Associates Vet Antivirus engine heap overflow vulnerability
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32896
Bernardo Quintero
bernardo@hispasec.com
Noticias Hispasec
