cvelistv5 - cve-2006-5645

CVE-2006-5645 (GCVE-0-2006-5645)

Vulnerability from cvelistv5

Published

2006-11-01 15:00

Modified

2024-08-07 19:55

Severity ?

CWE

Summary

Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when "Enabled scanning of archives" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero.

References

URL

Tags

	http://www.securitytracker.com/id?1018450	vdb-entry, x_refsource_SECTRACK
	http://www.sophos.com/support/knowledgebase/article/7609.html	x_refsource_CONFIRM
	http://securitytracker.com/id?1017132	vdb-entry, x_refsource_SECTRACK
	http://www.vupen.com/english/advisories/2006/4239	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/20816	vdb-entry, x_refsource_BID
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439	third-party-advisory, x_refsource_IDEFENSE
	http://www.securityfocus.com/archive/1/474683/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/22591	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:55:54.155Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1018450",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018450"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
          },
          {
            "name": "1017132",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1017132"
          },
          {
            "name": "ADV-2006-4239",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4239"
          },
          {
            "name": "20816",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20816"
          },
          {
            "name": "20061208 Multiple Vendor Antivirus RAR File Denial of Service Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
          },
          {
            "name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
          },
          {
            "name": "22591",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22591"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-10-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when \"Enabled scanning of archives\" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-17T20:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1018450",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018450"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
        },
        {
          "name": "1017132",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1017132"
        },
        {
          "name": "ADV-2006-4239",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4239"
        },
        {
          "name": "20816",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/20816"
        },
        {
          "name": "20061208 Multiple Vendor Antivirus RAR File Denial of Service Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
        },
        {
          "name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
        },
        {
          "name": "22591",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/22591"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5645",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Sophos Anti-Virus and Endpoint Security before 6.0.5, Anti-Virus for Linux before 5.0.10, and other platforms before 4.11, when \"Enabled scanning of archives\" is set, allows remote attackers to cause a denial of service (infinite loop) via a malformed RAR archive with an Archive Header section with the head_size and pack_size fields set to zero."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1018450",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018450"
            },
            {
              "name": "http://www.sophos.com/support/knowledgebase/article/7609.html",
              "refsource": "CONFIRM",
              "url": "http://www.sophos.com/support/knowledgebase/article/7609.html"
            },
            {
              "name": "1017132",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1017132"
            },
            {
              "name": "ADV-2006-4239",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/4239"
            },
            {
              "name": "20816",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/20816"
            },
            {
              "name": "20061208 Multiple Vendor Antivirus RAR File Denial of Service Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=439"
            },
            {
              "name": "20070726 RE: [CAID 35525, 35526]: CA Products Arclib Library Denial of Service Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/474683/100/0/threaded"
            },
            {
              "name": "22591",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/22591"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-5645",
    "datePublished": "2006-11-01T15:00:00.000Z",
    "dateReserved": "2006-11-01T00:00:00.000Z",
    "dateUpdated": "2024-08-07T19:55:54.155Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2007-AVI-329

Vulnerability from certfr_avis

Deux vulnérabilités affectant la bibliothèque arclib.dll permettent de réaliser un déni de service à distance.

Description

Deux vulnérabilités affectant la bibliothèque arclib.dll (versions antérieures à 7.3.0.9), présente dans de nombreux produits de l'éditeur Computer Associates, ont été découvertes. Ces vulnérabilités permettent, par le biais d'un fichier au format CHM (CVE-2007-3875) ou au format RAR (CVE-2006-5645) spécifiquement constitué, de réaliser un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	BrightStor ARCserve Backup v9.01 ;
ESET	N/A	eTrust EZ Armor r1, r2, r3.x ;
ESET	N/A	CA Anti-Virus Gateway (anciennement eTrust Antivirus Gateway) 7.1 ;
ESET	N/A	CA Protection Suites r2, r3 ;
ESET	N/A	CA Common Services (CCS) r11, r11.1 ;
Microsoft	Windows	BrightStor ARCserve Backup r11 pour Windows, r11.1, r11.5 ;
ESET	N/A	CA Anti-Virus 2007 (v8) ;
ESET	N/A	BrightStor Enterprise Backup r10.5 ;
ESET	N/A	eTrust EZ Antivirus r7, r6.1 ;
ESET	Internet Security	CA Internet Security Suite 2007 (v3) ;
ESET	N/A	CA Anti-Virus for the Enterprise (anciennement eTrust Antivirus) 7.0, 7.1, r8, r8.1 ;
ESET	N/A	CA Secure Content Manager (anciennement eTrust Secure Content Manager) 1.1, 8.0 ;
ESET	Internet Security	eTrust Internet Security Suite r1, r2 ;
N/A	N/A	Unicenter Network and Systems Management (NSM) r3, 3.1, r11, r11.1 ;
N/A	N/A	CA Anti-Spyware for the Enterprise (anciennement eTrust PestPatrol) r8, 8.1 ;
Microsoft	Windows	BrightStor ARCserve Client agent for Windows ;
ESET	N/A	eTrust Intrusion Detection 2.0 SP1, 3.0, 3.0 SP1 ;
ESET	N/A	CA Anti-Virus SDK (anciennement eTrust Anti-Virus SDK).
N/A	N/A	CA Anti-Spyware 2007 ;
N/A	N/A	CA Threat Manager for the Enterprise (anciennement eTrust Integrated Threat Management) r8 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Computer Associates du 24 juillet 2007

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "BrightStor ARCserve Backup v9.01 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "eTrust EZ Armor r1, r2, r3.x ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "CA Anti-Virus Gateway (anciennement eTrust Antivirus Gateway) 7.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "CA Protection Suites r2, r3 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "CA Common Services (CCS) r11, r11.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "BrightStor ARCserve Backup r11 pour Windows, r11.1, r11.5 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "CA Anti-Virus 2007 (v8) ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "BrightStor Enterprise Backup r10.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "eTrust EZ Antivirus r7, r6.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "CA Internet Security Suite 2007 (v3) ;",
      "product": {
        "name": "Internet Security",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "CA Anti-Virus for the Enterprise (anciennement eTrust Antivirus) 7.0, 7.1, r8, r8.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "CA Secure Content Manager (anciennement eTrust Secure Content Manager) 1.1, 8.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "eTrust Internet Security Suite r1, r2 ;",
      "product": {
        "name": "Internet Security",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "Unicenter Network and Systems Management (NSM) r3, 3.1, r11, r11.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA Anti-Spyware for the Enterprise (anciennement eTrust PestPatrol) r8, 8.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "BrightStor ARCserve Client agent for Windows ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "eTrust Intrusion Detection 2.0 SP1, 3.0, 3.0 SP1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "CA Anti-Virus SDK (anciennement eTrust Anti-Virus SDK).",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "ESET",
          "scada": false
        }
      }
    },
    {
      "description": "CA Anti-Spyware 2007 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA Threat Manager for the Enterprise (anciennement eTrust Integrated Threat Management) r8 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s affectant la biblioth\u00e8que arclib.dll (versions\nant\u00e9rieures \u00e0 7.3.0.9), pr\u00e9sente dans de nombreux produits de l\u0027\u00e9diteur\nComputer Associates, ont \u00e9t\u00e9 d\u00e9couvertes. Ces vuln\u00e9rabilit\u00e9s permettent,\npar le biais d\u0027un fichier au format CHM (CVE-2007-3875) ou au format RAR\n(CVE-2006-5645) sp\u00e9cifiquement constitu\u00e9, de r\u00e9aliser un d\u00e9ni de service\n\u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-3875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3875"
    },
    {
      "name": "CVE-2006-5645",
      "url": "https://www.cve.org/CVERecord?id=CVE-2006-5645"
    }
  ],
  "initial_release_date": "2007-07-25T00:00:00",
  "last_revision_date": "2007-07-25T00:00:00",
  "links": [],
  "reference": "CERTA-2007-AVI-329",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-07-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s affectant la biblioth\u00e8que arclib.dll permettent de\nr\u00e9aliser un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans plusieurs produits Computer Associates",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 24 juillet 2007",
      "url": "http://supportconnectw.ca.com/public/antivirus/infodocs/caprodarclib-secnot.asp"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2006-5645 (GCVE-0-2006-5645)

Vulnerability from cvelistv5

CERTA-2007-AVI-329

Vulnerability from certfr_avis

Description

Solution

Tags

Sightings

Nomenclature