Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0933

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0933
Last Modified 05 Sep 2008 04:39:50
Published 27 Jan 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0933

Summary

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

Vulnerable Systems

Operating System

  • Gentoo Linux

  • Gentoo Linux 1.4

  • Mandrakesoft Mandrake Linux 10.1

  • Suse Linux 9.2

Application

  • Archive Zip 1.13

  • Ca Brightstor Arcserve Backup 11.1

  • Ca Etrust Antivirus 7.0

  • Ca Etrust Antivirus 7.0 Sp2

  • Ca Etrust Antivirus 7.1

  • Ca Etrust Antivirus Gateway 7.0

  • Ca Etrust Antivirus Gateway 7.1

  • Ca Etrust Ez Antivirus 6.1

  • Ca Etrust Ez Antivirus 6.2

  • Ca Etrust Ez Antivirus 6.3

  • Ca Etrust Ez Armor 2.0

  • Ca Etrust Ez Armor 2.3

  • Ca Etrust Ez Armor 2.4

  • Ca Etrust Intrusion Detection 1.4.1.13

  • Ca Etrust Intrusion Detection 1.4.5

  • Ca Etrust Intrusion Detection 1.5

  • Ca Etrust Secure Content Manager 1.0

  • Ca Etrust Secure Content Manager 1.1

  • Ca Inoculateit 6.0

  • Eset Software Nod32 Antivirus 1.0.11

  • Eset Software Nod32 Antivirus 1.0.12

  • Eset Software Nod32 Antivirus 1.0.13

  • Kaspersky Lab Kaspersky Anti-virus 3.0

  • Kaspersky Lab Kaspersky Anti-virus 4.0

  • Kaspersky Lab Kaspersky Anti-virus 5.0

  • Mcafee Antivirus Engine 4.3.20

  • Rav Antivirus Desktop 8.6

  • Rav Antivirus For File Servers 1.0

  • Rav Antivirus For Mail Servers 8.4.2

  • Sophos Anti-virus 3.4.6

  • Sophos Anti-virus 3.78

  • Sophos Anti-virus 3.78d

  • Sophos Anti-virus 3.79

  • Sophos Anti-virus 3.80

  • Sophos Anti-virus 3.81

  • Sophos Anti-virus 3.82

  • Sophos Anti-virus 3.83

  • Sophos Anti-virus 3.84

  • Sophos Anti-virus 3.85

  • Sophos Anti-virus 3.86

  • Sophos Puremessage Anti-virus 4.6

  • Sophos Small Business Suite 1.0


References

BID - 11448

XF - antivirus-zip-protection-bypass(17761)

IDEFENSE - 20041018 Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability

CONFIRM - http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp


Last Updated: 27 May 2016 10:38:49