CVE-2004-0933

Computer Associates (CA) - Auth Bypass

Title source: llm

Description

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.

Exploits (1)

exploitdb WORKING POC

clocalmultiple

https://www.exploit-db.com/exploits/629

View Code ZIP pw:eip

References (4)

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/11448

[Various Sources] http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp

[Various Sources] http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/17761

Scores

EPSS 0.3003

EPSS Percentile 96.7%

Details

Status published

Products (47)

archive_zip/archive_zip 1.13

broadcom/brightstor_arcserve_backup 11.1

broadcom/etrust_antivirus 7.0

broadcom/etrust_antivirus 7.1

broadcom/etrust_antivirus_gateway 7.0

broadcom/etrust_antivirus_gateway 7.1

broadcom/etrust_ez_antivirus 6.1

broadcom/etrust_ez_antivirus 6.2

broadcom/etrust_ez_antivirus 6.3

broadcom/etrust_ez_armor 2.0

... and 37 more

Published Jan 27, 2005

Tracked Since Feb 18, 2026