CVE-2006-4901

Computer Associates (CA) eTrust Security Command Center <r8-SP1 CR2...

Title source: llm

Description

Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, and eTrust Audit 1.5 and r8, allows remote attackers to spoof alerts and conduct replay attacks by invoking eTSAPISend.exe with the desired arguments.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Patrick Webster · textremotewindows

https://www.exploit-db.com/exploits/28642

View Code ZIP pw:eip

References (13)

Core 13

Core References

Exploit, Patch, Vendor Advisory x_refsource_misc

http://users.tpg.com.au/adsl2dvp/advisories/200608-computerassociates.txt

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/29107

Exploit, Patch, Vendor Advisory x_refsource_confirm

http://www3.ca.com/securityadvisor/blogs/posting.aspx?id=90744&pid=93243&date=2006/9

Patch vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016910

Patch, Vendor Advisory x_refsource_confirm

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34618

Exploit, Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/22023

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/20139

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/446716/100/0/threaded

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/22073

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016909

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/446611/100/0/threaded

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/3738

Exploit, Patch vdb-entry x_refsource_osvdb

http://www.osvdb.org/29011

Scores

EPSS 0.0994

EPSS Percentile 93.1%

Details

Status published

Products (8)

broadcom/etrust_audit_client 1.5 sp2 (2 CPE variants)

broadcom/etrust_audit_client 8.0

broadcom/etrust_audit_datatools 1.5 sp2 (2 CPE variants)

broadcom/etrust_audit_datatools 8.0

broadcom/etrust_audit_policy_manager 1.5 sp2 (2 CPE variants)

broadcom/etrust_audit_policy_manager 8.0

broadcom/etrust_security_command_center 1.0

broadcom/etrust_security_command_center 8 (3 CPE variants)

Published Sep 22, 2006

Tracked Since Feb 18, 2026