Computer Associates eTrust AntiVirus Server contains a buffer overflow vulnerability. This vulnerability may allow an attacker to execute arbitrary code, or create a denial of service condition.
Computer Associates eTrust AntiVirus Server is an antivirus product distributed by Computer Associates. eTrust AntiVirus Server installs a service called inoweb that listens on port 12168/tcp.
The inoweb process contains a stack based buffer overflow vulnerability. By sending a malformed packet to a vulnerable system, an attacker may be able to trigger the overflow.
A remote, unauthenticated attacker may be able to execute arbitrary code, or create a denial of service condition.
Thanks to the Zero Day Initiative for information that was used in this report. The Zero Day Initiative credits Tenable Network Security for discovering this vulnerability.
|Date First Published:||2007-05-11|
|Date Last Updated:||2007-05-11 17:40 UTC|