The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of CA Anti-Virus: denial of service of vetfddnt.sys and vetmonnt.sys

Synthesis of the vulnerability 

A local attacker can send malicious data to vetfddnt.sys and vetmonnt.sys drivers in order to stop the antivirus.
Vulnerable products: CA Antivirus, e-Trust Antivirus.
Severity of this weakness: 1/4.
Creation date: 14/12/2006.
Références of this bulletin: BID-21593, CAID 34870, CVE-2006-6496, VIGILANCE-VUL-6402.

Description of the vulnerability 

The vetfddnt.sys and vetmonnt.sys drivers are used by CA Anti-Virus.

Some of their functions, available via ioctl, do not check if parameters are NULL before dereferencing them.

A local attacker can thus use a NULL parameter in order to stop system.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This cybersecurity threat impacts software or systems such as CA Antivirus, e-Trust Antivirus.

Our Vigil@nce team determined that the severity of this computer threat note is low.

The trust level is of type confirmed by a trusted third party, with an origin of user shell.

An attacker with a expert ability can exploit this security threat.

Solutions for this threat 

CA Anti-Virus: automatic update.
Problem is corrected by the automatic update after 13th of December 2006.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a system vulnerability bulletin. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.