what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files from Computer Associates

Email addressadvisor at ca.com
First Active2005-08-05
Last Active2007-12-24
CA Security Advisory 35970
Posted Dec 24, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA Security Advisory - A potential vulnerability exists in the Ingres software that is embedded in various CA products. This vulnerability exists only on Ingres 2.5 and Ingres 2.6 on Windows, and does not manifest itself on any Unix platform. Ingres r3 and Ingres 2006 are not affected.

tags | advisory
systems | windows, unix
advisories | CVE-2007-6334
SHA-256 | f7ca90c4521927236d3bbfefb70dc89c88259368d66a18dae3701216866ea1ca
CA Security Advisory 35754
Posted Oct 22, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA Host-Based Intrusion Prevention System (CA HIPS) contains a vulnerability in the Server installation that can allow a remote attacker to take unauthorized administrative action. The vulnerability occurs due to raw request data being displayed in the log when viewed by a browser. The client installation is not vulnerable.

tags | advisory, remote
advisories | CVE-2007-5472
SHA-256 | c85539d8e715bc4393459fcd55868d6547302d34f075669e2c00d0567ee58f18
CA Security Advisory 35527
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple CA products that utilize CA Message Queuing (CAM / CAFT) software contain a buffer overflow vulnerability. The vulnerability is a buffer overflow that can allow a remote attacker to execute arbitrary code by sending a specially crafted message to TCP port 3104.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2007-0060
SHA-256 | 46fe72c71f2b06a14afa104372ad4b44357e43e92eabdb5b2e93b341ebb45541
CA Security Advisory 35525
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA products that utilize the Arclib library contain two denial of service vulnerabilities. The first vulnerability is due to an application hang when processing a specially malformed CHM file. The second vulnerability is due to an application hang when processing a specially malformed RAR file.

tags | advisory, denial of service, vulnerability
advisories | CVE-2007-3875, CVE-2007-5645
SHA-256 | 01a0d7692b70c516c3cfb44baa9d756e9080e6e2262ee925e1c28f0efba48ff3
CA Security Advisory 35524
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

eTrust Intrusion Detection contains a vulnerability associated with the caller.dll ActiveX control. The vulnerability is due to the caller.dll ActiveX control being marked safe for scripting. An attacker, who can lure a user into visiting a malicious website, can potentially gain complete control of an affected installation.

tags | advisory, activex
advisories | CVE-2007-3302
SHA-256 | bf7652ef856974e523274a458f8762421906e746b5daddbe7db3072d50c9cec1
CA Security Advisory 35515
Posted Jul 20, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple CA products that utilize Alert service functionality contain multiple vulnerabilities. The vulnerabilities are due to insufficient bounds checking on received data by certain RPC procedures. An attacker can exploit these buffer overflows to execute arbitrary code or cause service failure.

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2007-3825
SHA-256 | dff03d4b04f6fb38db9efcc99d514db64917edf808004035f18a70b3cba857e0
CA Security Advisory 35395
Posted Jun 10, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA Anti-Virus engine contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability, virus
advisories | CVE-2007-2863, CVE-2007-2864
SHA-256 | 7a18d60f22a825bfaf66d090825d58ae0eae1abbf39a0c649afdfefc4b5795cf
CA Security Advisory 35330
Posted May 12, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA Anti-Virus for the Enterprise, CA Threat Manager, and CA Anti-Spyware contain multiple vulnerabilities that can allow an attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.

tags | advisory, denial of service, arbitrary, vulnerability, virus
advisories | CVE-2007-2522, CVE-2007-2523
SHA-256 | 8f199a847ae100657c96161091769e0883d36aa803d130e150619b62423ebc0c
CA Security Advisory 35277
Posted May 2, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA CleverPath Portal contains a vulnerability that can allow a local attacker to access confidential data. The vulnerability is due to insufficient filtering of SQL search queries. CA has issued a patch to address the vulnerability.

tags | advisory, local
advisories | CVE-2007-2230
SHA-256 | ea5c74d47d854c08f37384a948d4e8b4340a0d0bb6f3ef77f923334836a16891
CA Security Advisory 35198
Posted May 2, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA BrightStor ARCserve Backup Media Server contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2007-1785, CVE-2007-2139
SHA-256 | 50cf00ebba6e500a55c1f41bdda6ade451e15f3fa8050b06f214c5c44a6563ac
CA Security Advisory 35145
Posted Mar 9, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

The CA eTrust Admin GINA component contains a privilege escalation vulnerability within the reset password interface. This vulnerability is exploitable only through physical interactive access or through Remote Desktop. Affected products include eTrust Admin 8.1 SP2 (8.1.2), eTrust Admin 8.1 SP1 (8.1.1), and eTrust Admin 8.1 (8.1.0).

tags | advisory, remote
advisories | CVE-2007-1345
SHA-256 | 3962113ae17c146b5640bd4ec12da7a3f96a4ed5be77c2f201e85de1071f6d9e
CA Security Advisory 35112
Posted Mar 6, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA eTrust Intrusion Detection contains a vulnerability that can allow a remote attacker to cause a denial of service condition. Affected Products include eTrust Intrusion Detection 3.0 SP1, eTrust Intrusion Detection 3.0, and eTrust Intrusion Detection 2.0 SP1.

tags | advisory, remote, denial of service
advisories | CVE-2007-1005
SHA-256 | c4aff44d742dff175c969692af2d23c9c6f951c0f4edf0ab1e710a1fed11ce69
CA Security Advisory 34818
Posted Jan 27, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple vulnerabilities have been discovered in CA Personal Firewall drivers. The vulnerabilities are due to errors in the HIPS Core (KmxStart.sys) and HIPS Firewall (KmxFw.sys) drivers. Local attackers can exploit these vulnerabilities to gain escalated privileges.

tags | advisory, local, vulnerability
advisories | CVE-2006-6952
SHA-256 | 02589667c3f2bd1a0335ba0b442c8b18de4508cda0b0bb4a915da330839058a7
CA Security Advisory 34993
Posted Jan 27, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA BrightStor ARCserve Backup for Laptops and Desktops contains multiple overflow conditions that can allow a remote attacker to cause a denial of service, or execute arbitrary code with local SYSTEM privileges on Windows.

tags | advisory, remote, denial of service, overflow, arbitrary, local
systems | windows
advisories | CVE-2007-0449
SHA-256 | 6e6e8672248a7e1c4d803e9bf66b4054b05795508a899203c5e4ade01aafd269
CA Security Advisory 34876
Posted Dec 22, 2006
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CAID 34876 - CA CleverPath Portal and other CA solutions that embed Portal technology contain a session verification vulnerability.

tags | advisory
SHA-256 | 0f54412beb75b544d797f6a6475238fc984c6235fe7678318bc1b6e2c236672c
CA Security Advisory 34846
Posted Dec 8, 2006
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CAID 34846 - CA BrightStor ARCserve Backup contains a buffer overflow that allows remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. This issue affects the BrightStor Backup Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
advisories | CVE-2006-6379
SHA-256 | 14f77fd442c8352fa5dc275da7b933076426d1d4e5c398ae09e7d8bf4a539e90
CA Security Advisory 34693
Posted Oct 24, 2006
Authored by Ken Williams, Computer Associates | Site ca.com

CAID 34693, 34694 - CA BrightStor ARCserve Backup contains multiple buffer overflow conditions that allow remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. These issues affect the BrightStor Backup Agent Service, the Job Engine Service, and the Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
SHA-256 | aab9553c2355bbb2473b67f29de0eca777c8f03660b498ab0279bf3ed1729b5b
CA Security Advisory 34693
Posted Oct 21, 2006
Authored by Ken Williams, Computer Associates | Site ca.com

[CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities (UPDATED): Summary: CA BrightStor ARCserve Backup contains multiple buffer overflow conditions that allow remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. These issues affect the BrightStor Backup Agent Service, the Job Engine Service, and the Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.

tags | advisory, remote, overflow, arbitrary, local, vulnerability
systems | windows
SHA-256 | aab9553c2355bbb2473b67f29de0eca777c8f03660b498ab0279bf3ed1729b5b
CA Security Advisory 34616
Posted Oct 2, 2006
Authored by Computer Associates | Site www3.ca.com

CAID 34616, 34617, 34618: CA eTrust Security Command Center and eTrust Audit vulnerabilities

tags | advisory, vulnerability
SHA-256 | b236dc13a9d36b5ace9a497fbaa92180a506c8f2c86ab714d159c59c043c12ba
CA Security Advisory 34509
Posted Aug 18, 2006
Authored by Ken Williams, Computer Associates | Site ca.com

CAID 34509 - CA eTrust Antivirus WebScan versions 1.1.0.1047 and below are susceptible to arbitrary code execution flaws.

tags | advisory, arbitrary, code execution
SHA-256 | 4cae55691ffcf0223d655c47bdca23e5fc91998a767f9a7caacd4f4169d4c5ff
CA Security Advisory 34325
Posted Jun 29, 2006
Authored by Ken Williams, Computer Associates | Site ca.com

CAID 34325 - CA ITM, eAV, ePP scan job description field format string vulnerability

tags | advisory
SHA-256 | 07a837f7b40e2e601e9d01c4f63a3d737cdfa42056432e84c50f216b96451b95
CA Security Advisory 34013
Posted May 6, 2006
Authored by Ken Williams, Computer Associates | Site ca.com

CAID 34013 - A potential vulnerability issue exists in our CAIRIM LMP solution for z/OS. CAIRIM is delivered as part of CA's z/OS Common Services, and the LMP component provides licensing services to many of CA's z/OS solutions. IBM Global Services discovered an integrity problem, which could be exploited by an expert user of a z/OS system that utilizes CA's CAIRIM LMP component. We worked with IBM Global Services to understand the nature of the problem and to make certain that the remedy we have now provided addresses the problem completely.

tags | advisory
SHA-256 | 25441e6a3e621cc379e0b1ebc1b28c21793d35d4bbe5423529a5dd2ede625cb1
CA Security Advisory 32919
Posted Aug 24, 2005
Authored by Ken Williams, Computer Associates | Site ca.com

During a recent internal audit, CA discovered several vulnerability issues in the CA Message Queuing (CAM / CAFT) software. CA has made patches available for all affected users. These vulnerabilities affect all versions of the CA Message Queuing software prior to v1.07 Build 220_13 and v1.11 Build 29_13 on the platforms specified below.

tags | advisory, vulnerability
SHA-256 | d5bbb6c6ef69369d57bffbc7b601ba4afb4ce1009bb13cdc9ffd06f706f43207
CA Security Advisory 33239
Posted Aug 5, 2005
Authored by Ken Williams, Computer Associates | Site ca.com

Computer Associates BrightStor ARCserve Backup and BrightStor Enterprise Backup Agents for Windows contain a stack-based buffer overflow vulnerability. The vulnerability may allow remote attackers to execute arbitrary code with SYSTEM privileges, or cause a denial of service condition. The buffer overflow is the result of improper bounds checking performed on data sent to port 6070.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | windows
SHA-256 | d0b86151caf4b31b313680362872830cbd81e6f29d1e165ddf1aea180174a2ed
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    14 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close