CVE-2006-4901

Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, and eTrust Audit 1.5 and r8, allows remote attackers to spoof alerts and conduct replay attacks by invoking eTSAPISend.exe with the desired arguments.
References
Link Resource
http://secunia.com/advisories/22023 Exploit Patch Vendor Advisory
http://secunia.com/advisories/22073 Vendor Advisory
http://securitytracker.com/id?1016909
http://securitytracker.com/id?1016910 Patch
http://users.tpg.com.au/adsl2dvp/advisories/200608-computerassociates.txt Exploit Patch Vendor Advisory
http://www.osvdb.org/29011 Exploit Patch
http://www.securityfocus.com/archive/1/446611/100/0/threaded
http://www.securityfocus.com/archive/1/446716/100/0/threaded
http://www.securityfocus.com/bid/20139 Exploit
http://www.vupen.com/english/advisories/2006/3738
http://www3.ca.com/securityadvisor/blogs/posting.aspx?id=90744&pid=93243&date=2006/9 Exploit Patch Vendor Advisory
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34618 Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/29107
http://secunia.com/advisories/22023 Exploit Patch Vendor Advisory
http://secunia.com/advisories/22073 Vendor Advisory
http://securitytracker.com/id?1016909
http://securitytracker.com/id?1016910 Patch
http://users.tpg.com.au/adsl2dvp/advisories/200608-computerassociates.txt Exploit Patch Vendor Advisory
http://www.osvdb.org/29011 Exploit Patch
http://www.securityfocus.com/archive/1/446611/100/0/threaded
http://www.securityfocus.com/archive/1/446716/100/0/threaded
http://www.securityfocus.com/bid/20139 Exploit
http://www.vupen.com/english/advisories/2006/3738
http://www3.ca.com/securityadvisor/blogs/posting.aspx?id=90744&pid=93243&date=2006/9 Exploit Patch Vendor Advisory
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34618 Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/29107
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:broadcom:etrust_audit_client:1.5:sp2:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_audit_client:1.5:sp3:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_audit_client:8.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_audit_datatools:1.5:sp2:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_audit_datatools:1.5:sp3:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_audit_datatools:8.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_audit_policy_manager:1.5:sp2:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_audit_policy_manager:1.5:sp3:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_audit_policy_manager:8.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_security_command_center:1.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_security_command_center:8:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_security_command_center:8:sp1:cr1:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_security_command_center:8:sp1:cr2:*:*:*:*:*

History

21 Nov 2024, 00:17

Type Values Removed Values Added
References () http://secunia.com/advisories/22023 - Exploit, Patch, Vendor Advisory () http://secunia.com/advisories/22023 - Exploit, Patch, Vendor Advisory
References () http://secunia.com/advisories/22073 - Vendor Advisory () http://secunia.com/advisories/22073 - Vendor Advisory
References () http://securitytracker.com/id?1016909 - () http://securitytracker.com/id?1016909 -
References () http://securitytracker.com/id?1016910 - Patch () http://securitytracker.com/id?1016910 - Patch
References () http://users.tpg.com.au/adsl2dvp/advisories/200608-computerassociates.txt - Exploit, Patch, Vendor Advisory () http://users.tpg.com.au/adsl2dvp/advisories/200608-computerassociates.txt - Exploit, Patch, Vendor Advisory
References () http://www.osvdb.org/29011 - Exploit, Patch () http://www.osvdb.org/29011 - Exploit, Patch
References () http://www.securityfocus.com/archive/1/446611/100/0/threaded - () http://www.securityfocus.com/archive/1/446611/100/0/threaded -
References () http://www.securityfocus.com/archive/1/446716/100/0/threaded - () http://www.securityfocus.com/archive/1/446716/100/0/threaded -
References () http://www.securityfocus.com/bid/20139 - Exploit () http://www.securityfocus.com/bid/20139 - Exploit
References () http://www.vupen.com/english/advisories/2006/3738 - () http://www.vupen.com/english/advisories/2006/3738 -
References () http://www3.ca.com/securityadvisor/blogs/posting.aspx?id=90744&pid=93243&date=2006/9 - Exploit, Patch, Vendor Advisory () http://www3.ca.com/securityadvisor/blogs/posting.aspx?id=90744&pid=93243&date=2006/9 - Exploit, Patch, Vendor Advisory
References () http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34618 - Patch, Vendor Advisory () http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34618 - Patch, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/29107 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/29107 -

Information

Published : 2006-09-22 22:07

Updated : 2024-11-21 00:17


NVD link : CVE-2006-4901

Mitre link : CVE-2006-4901

CVE.ORG link : CVE-2006-4901


JSON object : View

Products Affected

broadcom

  • etrust_audit_datatools
  • etrust_audit_client
  • etrust_security_command_center
  • etrust_audit_policy_manager