Vulnerabilities > CVE-2005-0968 - Unspecified vulnerability in Broadcom Etrust Intrusion Detection 3.0

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
broadcom
nessus

Summary

Computer Associates (CA) eTrust Intrusion Detection 3.0 allows remote attackers to cause a denial of service via large size values that are not properly validated before calling the CPImportKey function in the Crypto API.

Vulnerable Configurations

Part Description Count
Application
Broadcom
1

Nessus

NASL familyWindows
NASL idETRUST_DOS.NASL
descriptionThe remote host is running CA eTrust Intrusion Detection System, a security solution with intrusion detection, antivirus, web filtering and session monitoring. The remote version of this software is affected by a denial of service vulnerability in the way it uses
last seen2020-06-01
modified2020-06-02
plugin id18537
published2005-06-21
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/18537
titleCA eTrust Intrusion Detection CPImportKey Function Overflow DoS
code
#
# (C) Tenable Network Security, Inc.
#

#http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?docid=1&product=ETRID&release=3.0.5&number=10&type=&os=NT&aparno=QO66178&searchID=361777&pos=NT 


include("compat.inc");

if (description)
{
 script_id(18537);
 script_version("1.21");
 script_cvs_date("Date: 2018/11/15 20:50:26");

 script_cve_id("CVE-2005-0968");
 script_bugtraq_id(13017);

 script_name(english:"CA eTrust Intrusion Detection CPImportKey Function Overflow DoS");
 script_summary(english:"Determines if eTrust Intrusion Detection System is vulnerable to a Denial of Service");
 
 script_set_attribute(attribute:"synopsis", value:
"It is possible to crash the remote IDS service." );
 script_set_attribute(attribute:"description", value:
"The remote host is running CA eTrust Intrusion Detection System, a
security solution with intrusion detection, antivirus, web filtering
and session monitoring. 

The remote version of this software is affected by a denial of service
vulnerability in the way it uses 'CPImportKey' function.  An attacker
can exploit this issue to crash the remote service by sending a
specially crafted administration packet.");
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?001dcaf3");
 script_set_attribute(attribute:"see_also", value:"https://www.securityfocus.com/archive/1/395012");
 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?86be784a");
 script_set_attribute(attribute:"solution", value:
"Upgrade to version 3.0.5.57 or later.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");

 script_set_attribute(attribute:"plugin_publication_date", value:"2005/06/21");
 script_set_attribute(attribute:"vuln_publication_date", value:"2005/04/06");
 script_set_attribute(attribute:"plugin_type", value:"remote");
 script_end_attributes();

 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2005-2018 Tenable Network Security, Inc.");
 script_family(english:"Windows");
 script_dependencies("etrust_ids.nasl");
 script_require_keys("eTrust/intrusion_detection_system");
 exit(0);
}

vers = get_kb_item ("eTrust/intrusion_detection_system");
if (!vers) exit(0);

vers = split (vers, sep:".", keep:0);

if ( ( (vers[0] == 3 ) && (vers[1] == 0) && (vers[2] < 557) ) )
  security_warning(get_kb_item("Services/eTrust-IDS"));