Next Page >>
Internet security
CA20090818-02: Security Notice for CA Internet Security Suite
Issued: August 18, 2009
CA's technical support is alerting customers to a security risk with
CA Internet Security Suite. A vulnerability exists that can allow a
local attacker to cause a denial of service. CA has issued updates
to address the vulnerability.
The vulnerability, CVE-2009-0682, is due to insufficient verification
Vulnerable software:
* 3D EQSecure Professional Edition 4.2
* avast! Internet Security 5.0.462
* AVG Internet Security 9.0.791
* Avira Premium Security Suite 10.0.0.536
* BitDefender Total Security 2010 13.0.20.347
* Blink Professional 4.6.1
* CA Internet Security Suite Plus 2010 6.0.0.272
----------------------------------------------------------------------
(PT-2009-05) Positive Technologies Security Advisory
CA Internet Security Suite Denial of Service Vulnerability
----------------------------------------------------------------------
---[ Affected Software ]
Affected Products: (Self tested)
-Panda Security for Business 4.04.10
-Panda Security for Business with Exchange
4.04.10
-Panda Security for Enterprise 4.04.10
-Panda Internet Security 2010 (15.01.00)
-Panda Global Protection 2010 (3.01.00)
-Panda Antivirus Pro 2010 (9.01.00)
-Panda Antivirus for Netbooks (9.01.00)
(Provided by Panda)
Affected Products: (Self tested)
-Panda Security for Business 4.04.10
-Panda Security for Business with Exchange
4.04.10
-Panda Security for Enterprise 4.04.10
-Panda Internet Security 2010 (15.01.00)
-Panda Global Protection 2010 (3.01.00)
-Panda Antivirus Pro 2010 (9.01.00)
-Panda Antivirus for Netbooks (9.01.00)
(Provided by Panda)
CISA, CISSP, ITIL
CEH Instructor, ECSP Instructor, CSSLP, OPSA, OPST
OWASP Spain Chapter Leader
vaguilera@isecauditors.com
Internet Security Auditors
www.isecauditors.com
c. Santander, 101. Edif. A. 2º
E-08030 Barcelona (Spain)
Tel: +34 93 305 13 18
http://labs.idefense.com/intelligence/vulnerabilities/
Jun 04, 2008
I. BACKGROUND
aspersky Internet Security Suite is a combination of Kaspersky
anti-virus, anti-spam, and personal firewall in one product. For more
information see the vendor's website at the following URL.
http://www.kaspersky.com/
http://labs.idefense.com/intelligence/vulnerabilities/
Jun 04, 2008
I. BACKGROUND
aspersky Internet Security Suite is a combination of Kaspersky
anti-virus, anti-spam, and personal firewall in one product. For more
information see the vendor's website at the following URL.
http://www.kaspersky.com/
Windows
Affected Products
CA Host-Based Intrusion Prevention System (HIPS) r8.1
CA Internet Security Suite (ISS) 2010
CA Internet Security Suite (ISS) 2011
How to determine if the installation is affected
HIPS Management Server is vulnerable if the version number is less than
----------------------------------------------------------------------
(PT-2009-09) Positive Technologies Security Advisory
Trend Micro Internet Security Pro 2009 tmactmon.sys Priviliege
Escalation Vulnerabilities
----------------------------------------------------------------------
---[ Affected Software ]
ESET NOD32 Antivirus 5.0.93.0, 5.0.94.0 and earlier
4.2.71.2 and earlier
4.0.x
AVAST 6.0.1289 Internet Security , engine 111011-2 and earlier
F-Prot Antivirus 6.0.9.5 , Scanning Engine 4.6.2
G-Data AntiVirus 2012 22.0.2.38, 22.0.9.1
ASPR #2011-01-11-1: Remote Binary Planting in Multiple F-Secure Products
=======================================================================
Document ID: ASPR #2011-01-11-1-PUB
Vendor: F-Secure Corp. (http://www.f-secure.com)
Target: F-Secure Internet Security 2010 and 2011
F-Secure Anti-Virus 2010 and 2011
(and multiple other F-Secure products)
Impact: Remote execution of arbitrary code
Severity: Very high
Status: Official patch available, workarounds available
Kaspersky Anti-Virus 6.0 for Windows Workstations (6.0.3.837)
Kaspersky Anti-Virus 6.0 for Windows File Servers (6.0.3.837)
Kaspersky Anti-Virus 7 (7.0.1.325)
Kaspersky Anti-Virus 2009 (8.0.0.x)
Kaspersky Anti-Virus 2010 (9.0.0.463)
Kaspersky Internet Security 7 (7.0.1.325)
Kaspersky Internet Security 2009 (8.0.0.x)
Kaspersky Internet Security 2010 (9.0.0.463)
Prior versions may also be affected.
AhnLab Inc.
Affected:
AhnLab Antivirus V3 Internet Security 2008
The other version maybe vulnerable too.
This vulnerability has been confirmed on AhnLab V3 Internet Security
2008 Platinum.
http://labs.idefense.com/intelligence/vulnerabilities/
Apr 02, 2008
I. BACKGROUND
Norton Internet Security 2008 is a system security suite that offers
protection from spyware, viruses, identity theft, spam, and malicious
network traffic. More information can be found on the vendor's site at
the following URL.
http://www.symantec.com/home_homeoffice/products/overview.jsp?pcid=is&pvid=nis2008
CA Anti-Virus 2007 (v8)
CA Anti-Virus 2008
CA Anti-Virus 2009
CA Anti-Virus Plus 2009
eTrust EZ Antivirus r7.1
CA Internet Security Suite 2007 (v3)
CA Internet Security Suite 2008
CA Internet Security Suite Plus 2008
CA Internet Security Suite Plus 2009
CA Threat Manager for the Enterprise (formerly eTrust Integrated
Threat Management) r8
=============================================
INTERNET SECURITY AUDITORS ALERT 2010-008
- Original release date: August 30th, 2010
- Last revised: September 21st, 2010
- Discovered by: Vicente Aguilera Diaz
- Severity: 4/10 (CVSSv2 Base Scored)
=============================================
I. VULNERABILITY
-------------------------
-ServerProtect for EMC Celerra
-ServerProtect for NetApp
-Server Protect for Linux
-ServerProtect for Network Appliance Filers
3. Trend Micro Internet Security product suites
(Internet Security Pro, Internet Security, Antivirus+AntiSpyware)
4. Client / Server / Messaging Suite ( The OfficeScan component )
5. Worry Free Business Security - Standard
6. Worry Free Business Security - Advanced ( The security agent component )
7. Worry Free Business Security Hosted
=============================================
INTERNET SECURITY AUDITORS ALERT 2010-005
- Original release date: March 30th, 2010
- Last revised: September 23th, 2010
- Discovered by: Mario Diaz Caldera
- Severity: 5.5/10 (CVSS Base Score)
=============================================
I. VULNERABILITY
-------------------------
=============================================
INTERNET SECURITY AUDITORS ALERT 2010-009
- Original release date: August 30th, 2010
- Last revised: September 21st, 2010
- Discovered by: Vicente Aguilera Diaz
- Severity: 4.3/10 (CVSSv2 Base Scored)
=============================================
I. VULNERABILITY
-------------------------
=============================================
INTERNET SECURITY AUDITORS ALERT 2009-005
- Original release date: March 2nd, 2009
- Last revised: December 18th, 2009
- Discovered by: Juan Galiana Lara
- Severity: 6.8/10 (CVSS scored)
=============================================
I. VULNERABILITY
-------------------------
=============================================
INTERNET SECURITY AUDITORS ALERT 2009-007
- Original release date: June 30th, 2009
- Last revised: July 2nd, 2009
- Discovered by: Juan Galiana Lara
- Severity: 6.8/10 (CVSS Base Score)
=============================================
I. VULNERABILITY
-------------------------
=============================================
INTERNET SECURITY AUDITORS ALERT 2010-007
- Original release date: August 11th, 2010
- Last revised: May 1st, 2011
- Discovered by: Vicente Aguilera Diaz
- Severity: 5.0/10 (CVSS Base Scored)
=============================================
I. VULNERABILITY
-------------------------
http://labs.idefense.com/intelligence/vulnerabilities/
Apr 02, 2008
I. BACKGROUND
Norton Internet Security 2008 is a system security suite that offers
protection from spyware, viruses, identity theft, spam, and malicious
network traffic. More information can be found on the vendor's site at
the following URL.
http://www.symantec.com/home_homeoffice/products/overview.jsp?pcid=is&pvid=nis2008
CA Anti-Virus 2007 (v8)
CA Anti-Virus 2008
CA Anti-Virus 2009
CA Anti-Virus Plus 2009
eTrust EZ Antivirus r7.1
CA Internet Security Suite 2007 (v3)
CA Internet Security Suite 2008
CA Internet Security Suite Plus 2008
CA Internet Security Suite Plus 2009
CA Threat Manager for the Enterprise (formerly eTrust Integrated
Threat Management) r8
Verification........................................................10
======================================================================
1) Affected Software
* Trend Micro Internet Security 2007
* Trend Micro Internet Security 2008 17.0.1224
* Trend Micro OfficeScan 8.0 SP1 Patch 1
NOTE: Other versions may also be affected.
=============================================
INTERNET SECURITY AUDITORS ALERT 2009-010
- Original release date: September 28th, 2009
- Last revised: December 15th, 2009
- Discovered by: Juan Galiana Lara
- CVE ID: CVE-2009-3703
- Severity: 8.5/10 (CVSS Base Score)
=============================================
I. VULNERABILITY
=============================================
INTERNET SECURITY AUDITORS ALERT 2007-004
- Original release date: November 7th, 2007
- Last revised: December 7th, 2007
- Discovered by: Jesus Olmos Gonzalez
- Severity: 4/5
=============================================
I. VULNERABILITY
-------------------------
Disclosure Policy :
http://blog.zoller.lu/2008/09/notification-and-disclosure-policy.html
Affected products :
- AVG Anti-Virus Network Edition (prior to engine build 8.5 323)
- AVG Internet Security Netzwerk Edition (prior to engine build 8.5 323)
- AVG Server Edition fr Linux/FreeBSD (prior to engine build 8.5 323)
- AVG eMail Server Edition (prior to engine build 8.5 323)
- AVG File Server Edition (prior to engine build 8.5 323)
- AVG Internet Security SBS Edition (prior to engine build 8.5 323)
- AVG Anti-Virus SBS Edition (prior to engine build 8.5 323)
=============================================
INTERNET SECURITY AUDITORS ALERT 2009-009
- Original release date: July 21st, 2009
- Last revised: July 23rd, 2009
- Discovered by: Juan Galiana Lara
- Severity: 5/10 (CVSS Base Score)
=============================================
I. VULNERABILITY
-------------------------
Next Page>>
|
