Vulnerability Detail

CA eTrust Security Command Center and Audit external relay attacks vulnerability

Date Discovered:
21 Sep 2006

Date Published:
21 Sep 2006

Last Updated:
4 Oct 2006

Threat Assessment

Overall Risk: Medium
Popularity: Medium
Impact: High
Simplicity: Low

Characteristics

Vulnerability ID:  34618
Discovered By:  Patrick Webster

Exploitable Locally:  No
Exploitable Remotely:  Yes

Impact: A remote attacker can send false-positive alerts.

Root Cause:  Software Vulnerability

 

Description

CA eTrust Security Command Center and Audit contain a vulnerability that can allow a remote attacker to cause external relay attacks. The vulnerability is due to a lack of authentication in the event alerting system. An attacker can exploit this vulnerability to send false-positive alerts.

Recommendations



-------------------------------------------------------------------------------
For: CA eTrust Audit - Client 1.5 SP2, CA eTrust Audit - Client 1.5 SP3, CA eTrust Audit - Data Tools r8.0, CA eTrust Audit - DataTools 1.5 SP2, CA eTrust Audit - DataTools 1.5 SP3, CA eTrust Audit - Policy manager r8.0, CA eTrust Audit - PolicyManager 1.5 SP2, CA eTrust Audit - PolicyManager 1.5 SP3, CA eTrust Audit Client r8.0, CA eTrust Security Command Center - Server r8, CA eTrust Security Command Center 1.0, CA eTrust Security Command Center r8 SP1 CR1, CA eTrust Security Command Center r8 SP1 CR2

Please use perimeter firewalls to block access to the event system.

Affected Technologies

Computer Associates: CA eTrust Audit - Client 1.5 SP2
Computer Associates: CA eTrust Audit - Client 1.5 SP3
Computer Associates: CA eTrust Audit - Data Tools r8.0
Computer Associates: CA eTrust Audit - DataTools 1.5 SP2
Computer Associates: CA eTrust Audit - DataTools 1.5 SP3
Computer Associates: CA eTrust Audit - Policy manager r8.0
Computer Associates: CA eTrust Audit - PolicyManager 1.5 SP2
Computer Associates: CA eTrust Audit - PolicyManager 1.5 SP3
Computer Associates: CA eTrust Audit Client r8.0
Computer Associates: CA eTrust Security Command Center - Server r8
Computer Associates: CA eTrust Security Command Center r8 SP1 CR1
Computer Associates: CA eTrust Security Command Center r8 SP1 CR2
Computer Associates: eTrust Security Command Center 1.0

References

Computer Associates: eTrustSCCAuditVuln
Mitre CVE: CVE-2006-4901
