PT-2006-5654 · Computer Associates · Etrust Audit+1

Publicado

2006-09-22

Atualizado

2021-04-09

CVE-2006-4901

CVSS v2.0

6.4

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:P

Name of the Vulnerable Software and Affected Versions Computer Associates (CA) eTrust Security Command Center versions 1.0 and r8 up to SP1 CR2 Computer Associates (CA) eTrust Audit versions 1.5 and r8

Description The issue allows remote attackers to spoof alerts and conduct replay attacks by invoking eTSAPISend.exe with the desired arguments.

Recommendations For Computer Associates (CA) eTrust Security Command Center versions 1.0 and r8 up to SP1 CR2, consider restricting access to eTSAPISend.exe to prevent spoofing and replay attacks. For Computer Associates (CA) eTrust Audit versions 1.5 and r8, consider restricting access to eTSAPISend.exe to prevent spoofing and replay attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-4901

Produtos afetados

Etrust Audit

Ca Etrust Security Command Center

PT-2006-5654 · Computer Associates · Etrust Audit+1

CVE-2006-4901

Identificadores relacionados

Produtos afetados

Referências · 16