Computer Associates Alert Notification Server opcode 23 buffer overflow

2008-04-25T00:00:00
ID SAINT:EA5E4B4FA976B0771068965564443F70
Type saint
Reporter SAINT Corporation
Modified 2008-04-25T00:00:00

Description

Added: 04/25/2008
CVE: CVE-2007-4620
BID: 28605
OSVDB: 44040

Background

The Alert Notification Server is included with multiple Computer Associates products to provide notifications to console users.

Problem

The Alert Notification Server is affected by buffer overflow vulnerabilities in multiple RPC operations allowing remote attackers to execute arbitrary commands.

Resolution

Apply one of the updates referenced in the Security Notice.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=679>

Limitations

Exploit works on CA eTrust Antivirus r8 with patch QO89817. Valid Windows credentials are required in order for this exploit to succeed.

Platforms

Windows 2000
Windows Server 2003