Exploit CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Audit Event System Replay Attack

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
28642
Проверка EDB
  1. Пройдено
Автор
PATRICK WEBSTER
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2006-4901
Дата публикации
2006-09-21
Код:
source: https://www.securityfocus.com/bid/20139/info
 
CA eTrust Security Command Center (eSCC) and eTrust Audit are prone to multiple vulnerabilities, including:
 
- an information-disclosure issue
- an arbitrary-file-deletion issue
- a replay issue.
 
These vulnerabilities occur because the software fails to validate user input and because of design errors in the way the software handles user permissions and secure data-transmission protocols.
 
An attacker may exploit these vulnerabilities to access sensitive information, delete arbitrary files with the permissions of the service account, and carry out external replay attacks.

The following command-line example will send a login-failure event:
etsapisend.exe -nod $dstIP -cat "System Access" -opr Logon -sta F -nam NT-Security -loc \\Domain\IIS_Server -usr System -evt 70 -src Security -nid 529 -inf "Logon Failure"
 
Источник
www.exploit-db.com

Похожие темы