Applied Watch Server Unauthenticated Alerts Modification

2003-11-27T06:15:50
ID OSVDB:2910
Type osvdb
Reporter OSVDB
Modified 2003-11-27T06:15:50

Description

Vulnerability Description

Applied Watch Server contains a flaw that may allow a malicious user to add custom IDS alerts to all sensor nodes on the network. This can effectively rendor an IDS system useless as any IDS alert/event would be suspect, regardless of the trigger or alert.

Solution Description

Upgrade to version 1.4.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Applied Watch Server contains a flaw that may allow a malicious user to add custom IDS alerts to all sensor nodes on the network. This can effectively rendor an IDS system useless as any IDS alert/event would be suspect, regardless of the trigger or alert.

References:

Secunia Advisory ID:10326 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-11/0334.html ISS X-Force ID: 13860 Generic Informational URL: http://www.bugtraq.org/advisories/_BSSADV-0000.txt CVE-2003-0974 Bugtraq ID: 9124