Lucene search

K

RootSSV:3123

HistoryApr 09, 2008 - 12:00 a.m.

CA Alert Notification服务多个RPC栈溢出漏洞

2008-04-0900:00:00

Root

www.seebug.org

18

EPSS

0.212

Percentile

96.5%

BUGTRAQ ID: 28605
CVE(CAN) ID: CVE-2007-4620

Alert Notification Server是很多CA产品中都在使用的服务，用于向控制台用户提供通知。

Alert Notification服务在处理畸形格式的RPC请求时存在漏洞，远程攻击者可能利用此漏洞控制服务器。

Alert Notification服务以GUID 3d742890-397c-11cf-9bf1-00805f88cb72实现了一个RPC接口，该接口在处理各种opcode时使用不安全的库函数将用户提供的数据拷贝到了固定大小的栈缓冲区。如果用户提交了特制的RPC请求的话，就可以触发缓冲区溢出，导致执行任意指令。

Computer Associates BrightStor ARCserve Backup R11.5
Computer Associates BrightStor ARCserve Backup R11.1
Computer Associates BrightStor ARCserve Backup r11.0 for Windows
Computer Associates Anti-Virus for the Enterprise r8.1
Computer Associates Anti-Virus for the Enterprise r8
Computer Associates Anti-Virus for the Enterprise 7.1
Computer Associates Threat Manager for the Enterprise r8.1
Computer Associates Threat Manager for the Enterprise r8
Computer Associates

目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：

<a href=“https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=QO96387” target=“_blank”>https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=QO96387</a>
<a href=“https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=QO96080” target=“_blank”>https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=QO96080</a>
<a href=“https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=QO96079” target=“_blank”>https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=QO96079</a>

EPSS

0.212

Percentile

96.5%

Related for SSV:3123

saint4 checkpoint_advisories2 securityvulns2 metasploit1 nvd1 packetstorm1 cvelist1 prion1 exploitdb1 cve1