Vulnerabilities > CVE-2007-3825
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 | |
| Application | 5 |
Saint
| bid | 24947 |
| description | Computer Associates Alert Notification Server buffer overflow |
| id | misc_caalert |
| osvdb | 36096 |
| title | ca_alert_server |
| type | remote |
Seebug
| bulletinFamily | exploit |
| description | CVE(CAN) ID: CVE-2007-3825 警告通知服务器(alert.exe)是很多CA产品都在使用的服务,用于为控制台用户提供通知。 警告通知服务器所注册的RPC接口(GUID 3d742890-397c-11cf-9bf1-00805f88cb72)存在栈溢出漏洞。如果远程攻击者向该服务接口提交了超长的RPC请求的话,就可能触发这个溢出,导致以系统权限执行任意指令。 可使用SMB协议到达有漏洞的代码,因此在Windows XP及之后系统上必须有效的认证凭据,而Windows 2000无须认证。 Computer Associates BrightStor ARCserve Backup r11.1 Computer Associates BrightStor ARCserve Backup r11.0 for Windows Computer Associates BrightStor ARCserve Backup r10.5 Computer Associates BrightStor ARCserve Backup 9.01 Computer Associates BrightStor ARCserve Backup 11.5 Computer Associates BrightStor Enterprise Backup 10.5 Computer Associates Protection Suites r3 Computer Associates Threat Manager for the Enterprise r8 Computer Associates ------------------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: <a href="http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89817" target="_blank">http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO89817</a> |
| id | SSV:2013 |
| last seen | 2017-11-19 |
| modified | 2007-07-18 |
| published | 2007-07-18 |
| reporter | Root |
| title | CA产品警告通知服务器远程栈溢出漏洞 |
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=561
- http://secunia.com/advisories/26088
- http://supportconnectw.ca.com/public/antivirus/infodocs/caantivirus-secnotice.asp
- http://www.securityfocus.com/bid/24947
- http://www.securitytracker.com/id?1018402
- http://www.securitytracker.com/id?1018403
- http://www.securitytracker.com/id?1018404
- http://www.securitytracker.com/id?1018405
- http://www.securitytracker.com/id?1018406
- http://www.vupen.com/english/advisories/2007/2559
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35467