Rule

--
Sid
12101

--
Summary:
This event is generated when an attempt is made to exploit a known vulnerability in Alert Notification Server.

--
Impact:
Denial of Service. Information disclosure. Loss of integrity. Complete admin access.

--
Detailed Information:
A vulnerability exists in the way that Internet Explorer handles ActiveX controls that may present an attacker with the opportunity to run code of their choosing on a host. Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor Enterprise Backup, allow remote attackers to execute arbitrary code by sending certain data to unspecified RPC procedures.

--
Affected Systems:
CA Alert Notification Server 1

--
Attack Scenarios:


--
Ease of Attack:
Simple.

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:


--
Contributors:
Sourcefire Vulnerability Research Team
This document was generated from data supplied by the National Vulnerability Database. A product of the National Institute of Standards and Technology.
For more information see http://nvd.nist.gov/

--
Additional References:

--
