|
Family: Denial of Service --> Category: infos
CA eTrust Intrusion Detection System Key Exchange Remote Denial of Service Vulnerability Vulnerability Scan
Vulnerability Scan Summary Acertains if eTrust Intrusion Detection System is vulnerable to a Denial of Service
Detailed Explanation for this Vulnerability Test
Synopsis :
It is possible to crash the remote IDS service.
Description :
The remote host is running Computer Associates eTrust Intrusion Detection
System, a security solution with intrusion detection, antivirus, web
filtering and session monitoring.
The remote version of this software is vulnerable to a Denial of Service
vulnerability in the way it handles session keys.
A possible hacker can exploit this issue to crash the remote service by sending
a specially crafted administration packet.
Solution :
Upgrade to version 2.0.0.41/3.0.2.07/3.0.5.80
See also :
http://supportconnectw.ca.com/public/ca_common_docs/eid_secnotice.asp
Threat Level:
Low / CVSS Base Score : 3.3
(AV:R/AC:L/Au:NR/C:N/I:N/A:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|