ID

VAR-200501-0309


CVE

CVE-2004-0933


TITLE

Security hole

Trust: 0.6

sources: CNNVD: CNNVD-200501-311

DESCRIPTION

Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. Multiple Vendor Antivirus applications are reported vulnerable to a zip file detection evasion vulnerability. This vulnerability may allow maliciously crafted zip files to avoid being scanned and detected. A remote attacker can craft a malicious zip archive and send it to a vulnerable user. The malicious archive can bypass the protection provided by a vulnerable antivirus program, giving users a false sense of security. If the user opens and executes the file, this attack can result in a malicious code infection. This issue is reported to affect products offered by McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV. Latest antivirus products by Symantec, Bitdefender, Trend Micro and Panda are not vulnerable to this issue.

Trust: 1.26

sources: NVD: CVE-2004-0933 // BID: 11448 // VULHUB: VHN-9363

AFFECTED PRODUCTS

vendor: sophos // model: anti-virus // scope: eq // version: 3.78d

Trust: 1.6

vendor: sophos // model: small business suite // scope: eq // version: 1.0

Trust: 1.3

vendor: sophos // model: puremessage anti-virus // scope: eq // version: 4.6

Trust: 1.3

vendor: sophos // model: anti-virus // scope: eq // version: 3.86

Trust: 1.3

vendor: sophos // model: anti-virus // scope: eq // version: 3.85

Trust: 1.3

vendor: sophos // model: anti-virus // scope: eq // version: 3.84

Trust: 1.3

vendor: sophos // model: anti-virus // scope: eq // version: 3.83

Trust: 1.3

vendor: sophos // model: anti-virus // scope: eq // version: 3.82

Trust: 1.3

vendor: sophos // model: anti-virus // scope: eq // version: 3.81

Trust: 1.3

vendor: sophos // model: anti-virus // scope: eq // version: 3.80

Trust: 1.3

vendor: sophos // model: anti-virus // scope: eq // version: 3.79

Trust: 1.3

vendor: sophos // model: anti-virus // scope: eq // version: 3.78

Trust: 1.3

vendor: sophos // model: anti-virus // scope: eq // version: 3.4.6

Trust: 1.3

vendor: mcafee // model: antivirus engine // scope: eq // version: 4.3.20

Trust: 1.3

vendor: gentoo // model: linux // scope: eq // version: 1.4

Trust: 1.3

vendor: suse // model: linux // scope: eq // version: 9.2

Trust: 1.0

vendor: broadcom // model: etrust antivirus gateway // scope: eq // version: 7.1

Trust: 1.0

vendor: rav antivirus // model: desktop // scope: eq // version: 8.6

Trust: 1.0

vendor: broadcom // model: etrust antivirus // scope: eq // version: 7.1

Trust: 1.0

vendor: broadcom // model: etrust ez armor // scope: eq // version: 2.3

Trust: 1.0

vendor: kaspersky lab // model: anti-virus // scope: eq // version: 5.0

Trust: 1.0

vendor: rav antivirus // model: for file servers // scope: eq // version: 1.0

Trust: 1.0

vendor: kaspersky lab // model: anti-virus // scope: eq // version: 3.0

Trust: 1.0

vendor: eset // model: nod32 antivirus // scope: eq // version: 1.0.12

Trust: 1.0

vendor: broadcom // model: etrust secure content manager // scope: eq // version: 1.1

Trust: 1.0

vendor: kaspersky lab // model: anti-virus // scope: eq // version: 4.0

Trust: 1.0

vendor: mandrakesoft // model: mandrake linux // scope: eq // version: 10.1

Trust: 1.0

vendor: eset // model: nod32 antivirus // scope: eq // version: 1.0.13

Trust: 1.0

vendor: broadcom // model: etrust ez antivirus // scope: eq // version: 6.2

Trust: 1.0

vendor: broadcom // model: etrust antivirus gateway // scope: eq // version: 7.0

Trust: 1.0

vendor: rav antivirus // model: for mail servers // scope: eq // version: 8.4.2

Trust: 1.0

vendor: broadcom // model: etrust intrusion detection // scope: eq // version: 1.4.1.13

Trust: 1.0

vendor: broadcom // model: etrust antivirus // scope: eq // version: 7.0

Trust: 1.0

vendor: broadcom // model: etrust secure content manager // scope: eq // version: 1.0

Trust: 1.0

vendor: gentoo // model: linux // scope: eq // version: *

Trust: 1.0

vendor: broadcom // model: etrust intrusion detection // scope: eq // version: 1.5

Trust: 1.0

vendor: broadcom // model: etrust ez armor // scope: eq // version: 2.4

Trust: 1.0

vendor: eset // model: nod32 antivirus // scope: eq // version: 1.0.11

Trust: 1.0

vendor: broadcom // model: etrust ez antivirus // scope: eq // version: 6.1

Trust: 1.0

vendor: broadcom // model: brightstor arcserve backup // scope: eq // version: 11.1

Trust: 1.0

vendor: broadcom // model: inoculateit // scope: eq // version: 6.0

Trust: 1.0

vendor: broadcom // model: etrust intrusion detection // scope: eq // version: 1.4.5

Trust: 1.0

vendor: broadcom // model: etrust ez antivirus // scope: eq // version: 6.3

Trust: 1.0

vendor: broadcom // model: etrust ez armor // scope: eq // version: 2.0

Trust: 1.0

vendor: ca // model: etrust antivirus // scope: eq // version: 7.0_sp2

Trust: 1.0

vendor: ca // model: etrust secure content manager // scope: eq // version: 1.0

Trust: 1.0

vendor: archive zip // model: archive zip // scope: eq // version: 1.13

Trust: 1.0

vendor: sophos // model: anti-virus d // scope: eq // version: 3.78

Trust: 0.3

vendor: s u s e // model: linux personal // scope: eq // version: 9.2

Trust: 0.3

vendor: rav // model: antivirus rav antivirus for mail servers // scope: eq // version: 8.4.2

Trust: 0.3

vendor: rav // model: antivirus rav antivirus for file servers // scope: eq // version: 1.0

Trust: 0.3

vendor: rav // model: antivirus rav antivirus desktop // scope: eq // version: 8.6

Trust: 0.3

vendor: mandriva // model: linux mandrake x86 64 // scope: eq // version: 10.1

Trust: 0.3

vendor: mandriva // model: linux mandrake // scope: eq // version: 10.1

Trust: 0.3

vendor: kaspersky // model: labs antivirus scanning engine // scope: eq // version: 5.0

Trust: 0.3

vendor: kaspersky // model: labs antivirus scanning engine // scope: eq // version: 4.0

Trust: 0.3

vendor: kaspersky // model: labs antivirus scanning engine // scope: eq // version: 3.0

Trust: 0.3

vendor: gentoo // model: linux // scope: - // version: -

Trust: 0.3

vendor: eset // model: nod32 antivirus // scope: eq // version: 1.013

Trust: 0.3

vendor: eset // model: nod32 antivirus // scope: eq // version: 1.012

Trust: 0.3

vendor: eset // model: nod32 antivirus // scope: eq // version: 1.011

Trust: 0.3

vendor: computer // model: associates inoculateit // scope: eq // version: 6.0

Trust: 0.3

vendor: computer // model: associates etrust secure content manager // scope: eq // version: 1.1

Trust: 0.3

vendor: computer // model: associates etrust secure content manager sp1 // scope: eq // version: 1.0

Trust: 0.3

vendor: computer // model: associates etrust secure content manager // scope: eq // version: 1.0

Trust: 0.3

vendor: computer // model: associates etrust intrusion detection // scope: eq // version: 1.5

Trust: 0.3

vendor: computer // model: associates etrust intrusion detection // scope: eq // version: 1.4.5

Trust: 0.3

vendor: computer // model: associates etrust intrusion detection // scope: eq // version: 1.4.1.13

Trust: 0.3

vendor: computer // model: associates etrust ez armor // scope: eq // version: 2.4

Trust: 0.3

vendor: computer // model: associates etrust ez armor // scope: eq // version: 2.3

Trust: 0.3

vendor: computer // model: associates etrust ez armor // scope: eq // version: 2.0

Trust: 0.3

vendor: computer // model: associates etrust ez antivirus // scope: eq // version: 6.3

Trust: 0.3

vendor: computer // model: associates etrust ez antivirus // scope: eq // version: 6.2

Trust: 0.3

vendor: computer // model: associates etrust ez antivirus // scope: eq // version: 6.1

Trust: 0.3

vendor: computer // model: associates etrust antivirus for the gateway // scope: eq // version: 7.1

Trust: 0.3

vendor: computer // model: associates etrust antivirus for the gateway // scope: eq // version: 7.0

Trust: 0.3

vendor: computer // model: associates etrust antivirus // scope: eq // version: 7.1

Trust: 0.3

vendor: computer // model: associates etrust antivirus sp2 // scope: eq // version: 7.0

Trust: 0.3

vendor: computer // model: associates etrust antivirus // scope: eq // version: 7.0

Trust: 0.3

vendor: computer // model: associates brightstor arcserve backup for windows // scope: eq // version: 11.1

Trust: 0.3

vendor: archive zip // model: archive::zip // scope: eq // version: 1.13

Trust: 0.3

vendor: archive zip // model: archive::zip // scope: ne // version: 1.14

Trust: 0.3

sources: BID: 11448 // CNNVD: CNNVD-200501-311 // NVD: CVE-2004-0933

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2004-0933
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200501-311
value: HIGH

Trust: 0.6

VULHUB: VHN-9363
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2004-0933
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-9363
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-9363 // CNNVD: CNNVD-200501-311 // NVD: CVE-2004-0933

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2004-0933

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200501-311

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200501-311

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-9363

PATCH

title: Multiple antivirus software Security vulnerabilities // url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=146860

Trust: 0.6

sources: CNNVD: CNNVD-200501-311

EXTERNAL IDS

db: NVD // id: CVE-2004-0933

Trust: 2.0

db: BID // id: 11448

Trust: 2.0

db: CNNVD // id: CNNVD-200501-311

Trust: 0.7

db: EXPLOIT-DB // id: 629

Trust: 0.1

db: VULHUB // id: VHN-9363

Trust: 0.1

sources: VULHUB: VHN-9363 // BID: 11448 // CNNVD: CNNVD-200501-311 // NVD: CVE-2004-0933

REFERENCES

url:http://supportconnectw.ca.com/public/ca_common_docs/arclib_vuln.asp

Trust: 2.0

url:http://www.securityfocus.com/bid/11448

Trust: 1.7

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/17761

Trust: 1.7

url:http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true

Trust: 1.6

url:http://download.mcafee.com/uk/updates/updates.asp

Trust: 0.3

url:http://www.nod32.com/

Trust: 0.3

url:http://www.kaspersky.com/

Trust: 0.3

url:http://www.ravantivirus.com/

Trust: 0.3

url:http://www.sophos.com/

Trust: 0.3

url:/archive/1/378660

Trust: 0.3

url:http://www.idefense.com/application/poi/display?id=153&type=vulnerabilities&flashstatus=true

Trust: 0.1

sources: VULHUB: VHN-9363 // BID: 11448 // CNNVD: CNNVD-200501-311 // NVD: CVE-2004-0933

CREDITS

iDEFENSE Security Advisory, labs@idefense.com

Trust: 0.6

sources: CNNVD: CNNVD-200501-311

SOURCES

db: VULHUB // id: VHN-9363
db: BID // id: 11448
db: CNNVD // id: CNNVD-200501-311
db: NVD // id: CVE-2004-0933

LAST UPDATE DATE

2024-08-14T13:51:14.300000+00:00


SOURCES UPDATE DATE

db: VULHUB // id: VHN-9363 // date: 2017-07-11T00:00:00
db: BID // id: 11448 // date: 2009-07-12T08:06:00
db: CNNVD // id: CNNVD-200501-311 // date: 2021-04-08T00:00:00
db: NVD // id: CVE-2004-0933 // date: 2021-04-09T17:00:09.303

SOURCES RELEASE DATE

db: VULHUB // id: VHN-9363 // date: 2005-01-27T00:00:00
db: BID // id: 11448 // date: 2004-10-18T00:00:00
db: CNNVD // id: CNNVD-200501-311 // date: 2004-10-15T00:00:00
db: NVD // id: CVE-2004-0933 // date: 2005-01-27T05:00:00