|
|

|
|
| Mini-Tagwall | | | |
Revue de presse : security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone
+ de mots clés pour la revue de presse
Annuaires des videos : vmware, security, virus, windows, biometric, lockpicking, password, botnet, metasploit, tutorial, attack, crypt, linux
+ de mots clés pour les videos
Revue Twitter : security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall
+ de mots clés pour la revue Twitter
| | |
|
|
|
|
ID |
22160 |
Nom |
CA eTrust Antivirus WebScan ActiveX Control Vulnerabilities |
Auteurs |
This script is Copyright (C) 2006-2009 Tenable Network Security, Inc. |
Catégorie |
Windows |
Action |
infos |
Résumé |
Checks for version of WebScan ActiveX control |
Description |
Synopsis :
The remote Windows host has an ActiveX control that is affected by
multiple vulnerabilities.
Description :
The Windows remote host contains the WebScan ActiveX control, which is
used by Computer Associates' eTrust Antivirus WebScan service.
The version of this ActiveX control on the remote host reportedly
contains a buffer overflow and fails to properly validate parameters.
Exploitation of these issues may allow an unauthenticated remote
attacker to execute arbitrary code or gain privileged access.
See also :
http://www.securityfocus.com/archive/1/442476/30/0/threaded
http://www.tippingpoint.com/security/advisories/TSRT-06-05.html
http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0126.html
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34509
Solution :
Either remote the control or upgrade to WebScan v1.1.0.1048 or later
by visiting http://www3.ca.com/securityadvisor/virusinfo/scan.aspx and
allowing Internet Explorer to update a new version of webscan.cab.
Risk factor :
High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
|
Cliquer pour le detail - Liste des tests :
|
Cliquer pour le detail - liste des categories : |
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, microsoft, réseau, attaque, outil, vulnérabilité, audit, système, virus, internet, données, présentation, linux, metasploit, bluetooth, protocol, vista, réseaux, shell, scanner, engineering, rootkit, wishmaster, trames, conférence, source, paquet, téléphone, mobile, sysun, noyau, rapport, botnet, téléphones, mémoire, https, navigateur, intel, patch, reverse, libre, scapy, securitech |
| Mini-Tagwall de l'annuaire video : | | | | vmware, security, virus, windows, biometric, lockpicking, password, botnet, metasploit, tutorial, attack, crypt, linux, network, iphone, server, exploit, conficker, wimax, virtu, virtual, engineering, cisco, reverse, wireshark, ettercap, hacker, shmoocon, firewall, internet, knoppix, rootkit, arduino, source, wireless, backtrack, conference, openbsd, brucon, systm, openssh, overflow, buffer, access, remote |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|
|
|
|
|