Computer Associates Alert Notification Server opcode 23 buffer overflow

2008-04-25T00:00:00
ID SAINT:BCDA3D188FB74B1ED58DCADE1B84DBC7
Type saint
Reporter SAINT Corporation
Modified 2008-04-25T00:00:00

Description

Added: 04/25/2008
CVE: CVE-2007-4620
BID: 28605
OSVDB: 44040

Background

The Alert Notification Server is included with multiple Computer Associates products to provide notifications to console users.

Problem

The Alert Notification Server is affected by buffer overflow vulnerabilities in multiple RPC operations allowing remote attackers to execute arbitrary commands.

Resolution

Apply one of the updates referenced in the Security Notice.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=679>

Limitations

Exploit works on CA eTrust Antivirus r8 with patch QO89817. Valid Windows credentials are required in order for this exploit to succeed.

Platforms

Windows 2000
Windows Server 2003