|
|
Info |
Last Modified |
| 2 months ago |
|
|
|
|
|
This Entry needs help! It is only 55% Complete. Click the edit link above to add more information.
Contributing is fast and easy, and benefits the entire security community.
|
|
Description |
There is an API function to create your own alerts: eTSAPISend.exe. The service does not use any authentication, so the attacker may script the binary to send thousands of false-positive alerts to the Security Command Center, diverting attention and resources from real threats.
|
|
Classification |
Unknown or Incomplete
|
|
Solution |
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): Use a perimeter firewall to block access to the Event system.
|
|
Products |
Unknown or Incomplete
|
|
|
|
|
Credit |
- Patrick Webster - patrick
aushack.com - aushack
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|