exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 84 RSS Feed

Files from Ken Williams

Email addressjames.williams at ca.com
First Active2005-08-05
Last Active2022-02-04
CAID-ARCserve.txt
Posted Oct 12, 2007
Authored by Ken Williams | Site www3.ca.com

Multiple vulnerabilities exist in BrightStor ARCserve Backup that can allow a remote attacker to cause a denial of service, execute arbitrary code, or take privileged action. The first set of vulnerabilities occur due to insufficient bounds checking by multiple components. The second vulnerability occurs due to privileged functions being available for use without proper authorization. The third set of vulnerabilities are due to a memory corruption occurring with the processing of RPC procedure arguments by multiple services. The vulnerabilities allow an attacker to cause a denial of service, or potentially to execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2007-5325, CVE-2007-5326, CVE-2007-5327, CVE-2007-5328, CVE-2007-5329, CVE-2007-5330, CVE-2007-5331, CVE-2007-5332
SHA-256 | 8860eaa4bfc2250849f113f1ca5d8c680bf62c6a8fde2785a35e35b2338b7fea
CAID-hsmcmv.txt
Posted Sep 27, 2007
Authored by Ken Williams | Site www3.ca.com

Multiple vulnerabilities exist in the CsAgent service that can allow a remote attacker to execute arbitrary code or cause a denial of service condition. The first set of vulnerabilities, CVE-2007-5082, occur due to insufficient bounds checking in multiple CsAgent service commands. The second set of vulnerabilities, CVE-2007-5083, occur due to insufficient validation of integer values in multiple CsAgent service commands, which can lead to buffer overflow. The third set of vulnerabilities, CVE-2007-5084, occur due to insufficient validation of strings used in SQL statements in multiple CsAgent service commands.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2007-5082, CVE-2007-5083, CVE-2007-5084
SHA-256 | 363a6e7d492038cdb02283292599822fec694fd384becbbaf92e0cbd416cee51
CAID-backup.txt
Posted Sep 25, 2007
Authored by Ken Williams | Site www3.ca.com

CA ARCserve Backup for Laptops and Desktops contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service condition or execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2007-3216, CVE-2007-5003, CVE-2007-5004, CVE-2007-5005, CVE-2007-5006
SHA-256 | 5454620d885de990b879969d7c8d672b34a987080f8b5bfd71c41320e3bc6593
CA Security Advisory 35527
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple CA products that utilize CA Message Queuing (CAM / CAFT) software contain a buffer overflow vulnerability. The vulnerability is a buffer overflow that can allow a remote attacker to execute arbitrary code by sending a specially crafted message to TCP port 3104.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2007-0060
SHA-256 | 46fe72c71f2b06a14afa104372ad4b44357e43e92eabdb5b2e93b341ebb45541
CA Security Advisory 35525
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA products that utilize the Arclib library contain two denial of service vulnerabilities. The first vulnerability is due to an application hang when processing a specially malformed CHM file. The second vulnerability is due to an application hang when processing a specially malformed RAR file.

tags | advisory, denial of service, vulnerability
advisories | CVE-2007-3875, CVE-2007-5645
SHA-256 | 01a0d7692b70c516c3cfb44baa9d756e9080e6e2262ee925e1c28f0efba48ff3
CA Security Advisory 35524
Posted Jul 25, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

eTrust Intrusion Detection contains a vulnerability associated with the caller.dll ActiveX control. The vulnerability is due to the caller.dll ActiveX control being marked safe for scripting. An attacker, who can lure a user into visiting a malicious website, can potentially gain complete control of an affected installation.

tags | advisory, activex
advisories | CVE-2007-3302
SHA-256 | bf7652ef856974e523274a458f8762421906e746b5daddbe7db3072d50c9cec1
CA Security Advisory 35515
Posted Jul 20, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple CA products that utilize Alert service functionality contain multiple vulnerabilities. The vulnerabilities are due to insufficient bounds checking on received data by certain RPC procedures. An attacker can exploit these buffer overflows to execute arbitrary code or cause service failure.

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2007-3825
SHA-256 | dff03d4b04f6fb38db9efcc99d514db64917edf808004035f18a70b3cba857e0
CAID-Ingres.txt
Posted Jun 26, 2007
Authored by Ken Williams | Site www3.ca.com

Various CA products that embed Ingres products contain multiple vulnerabilities that can allow an attacker to potentially execute arbitrary code.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2007-3336, CVE-2007-3337, CVE-2007-3338, CVE-2007-3334
SHA-256 | b9420a8daa8448c325330f47f53519fd6d8bf578d33c969e755fb2c28d048bb8
CA Security Advisory 35395
Posted Jun 10, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA Anti-Virus engine contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability, virus
advisories | CVE-2007-2863, CVE-2007-2864
SHA-256 | 7a18d60f22a825bfaf66d090825d58ae0eae1abbf39a0c649afdfefc4b5795cf
cabright-help.txt
Posted May 17, 2007
Authored by Ken Williams | Site www3.ca.com

CA is aware that two functional exploit code samples were publicized on May 16, 2007. These two denial of service exploits are associated with vulnerabilities in CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe.

tags | advisory, denial of service, vulnerability
SHA-256 | 217dacb3ef74fd30d24c653312053d6e3b3cc12fdb8552dd63f62208d5371a8b
CA Security Advisory 35330
Posted May 12, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA Anti-Virus for the Enterprise, CA Threat Manager, and CA Anti-Spyware contain multiple vulnerabilities that can allow an attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.

tags | advisory, denial of service, arbitrary, vulnerability, virus
advisories | CVE-2007-2522, CVE-2007-2523
SHA-256 | 8f199a847ae100657c96161091769e0883d36aa803d130e150619b62423ebc0c
CA Security Advisory 35277
Posted May 2, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA CleverPath Portal contains a vulnerability that can allow a local attacker to access confidential data. The vulnerability is due to insufficient filtering of SQL search queries. CA has issued a patch to address the vulnerability.

tags | advisory, local
advisories | CVE-2007-2230
SHA-256 | ea5c74d47d854c08f37384a948d4e8b4340a0d0bb6f3ef77f923334836a16891
CA Security Advisory 35198
Posted May 2, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA BrightStor ARCserve Backup Media Server contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2007-1785, CVE-2007-2139
SHA-256 | 50cf00ebba6e500a55c1f41bdda6ade451e15f3fa8050b06f214c5c44a6563ac
CAID-McAfee.txt
Posted Mar 20, 2007
Authored by Ken Williams | Site www3.ca.com

CA BrightStor ARCserve Backup contains four vulnerabilities that can allow a remote attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2006-6076, CVE-2007-0816, CVE-2007-1447, CVE-2007-1448
SHA-256 | 26afa70359ee71d1cdb1f3ba90e2bd4290ccf6d14fd317067b25d049a10fc66f
CA Security Advisory 35145
Posted Mar 9, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

The CA eTrust Admin GINA component contains a privilege escalation vulnerability within the reset password interface. This vulnerability is exploitable only through physical interactive access or through Remote Desktop. Affected products include eTrust Admin 8.1 SP2 (8.1.2), eTrust Admin 8.1 SP1 (8.1.1), and eTrust Admin 8.1 (8.1.0).

tags | advisory, remote
advisories | CVE-2007-1345
SHA-256 | 3962113ae17c146b5640bd4ec12da7a3f96a4ed5be77c2f201e85de1071f6d9e
CA Security Advisory 35112
Posted Mar 6, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA eTrust Intrusion Detection contains a vulnerability that can allow a remote attacker to cause a denial of service condition. Affected Products include eTrust Intrusion Detection 3.0 SP1, eTrust Intrusion Detection 3.0, and eTrust Intrusion Detection 2.0 SP1.

tags | advisory, remote, denial of service
advisories | CVE-2007-1005
SHA-256 | c4aff44d742dff175c969692af2d23c9c6f951c0f4edf0ab1e710a1fed11ce69
CA Security Advisory 34818
Posted Jan 27, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple vulnerabilities have been discovered in CA Personal Firewall drivers. The vulnerabilities are due to errors in the HIPS Core (KmxStart.sys) and HIPS Firewall (KmxFw.sys) drivers. Local attackers can exploit these vulnerabilities to gain escalated privileges.

tags | advisory, local, vulnerability
advisories | CVE-2006-6952
SHA-256 | 02589667c3f2bd1a0335ba0b442c8b18de4508cda0b0bb4a915da330839058a7
CA Security Advisory 34993
Posted Jan 27, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA BrightStor ARCserve Backup for Laptops and Desktops contains multiple overflow conditions that can allow a remote attacker to cause a denial of service, or execute arbitrary code with local SYSTEM privileges on Windows.

tags | advisory, remote, denial of service, overflow, arbitrary, local
systems | windows
advisories | CVE-2007-0449
SHA-256 | 6e6e8672248a7e1c4d803e9bf66b4054b05795508a899203c5e4ade01aafd269
CAID-multi.txt
Posted Jan 14, 2007
Authored by Ken Williams | Site www3.ca.com

CA BrightStor ARCserve Backup contains multiple overflow conditions that can allow a remote attacker to execute arbitrary code with local SYSTEM privileges on Windows. The BrightStor ARCserve Backup Tape Engine service, Mediasvr service, and ASCORE.dll file are affected.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
advisories | CVE-2006-5171, CVE-2006-5172, CVE-2007-0168, CVE-2007-0169, CVE-2006-6076, CVE-2006-6917
SHA-256 | 277d1dc497086cde18530d9b1513f826b6a78561bd1e1048a84224d877383608
CA Security Advisory 34876
Posted Dec 22, 2006
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CAID 34876 - CA CleverPath Portal and other CA solutions that embed Portal technology contain a session verification vulnerability.

tags | advisory
SHA-256 | 0f54412beb75b544d797f6a6475238fc984c6235fe7678318bc1b6e2c236672c
caid-34870.txt
Posted Dec 14, 2006
Authored by Ken Williams | Site ca.com

Multiple instances of improper handling of NULL buffers in CA Anti-Virus allow local attackers to cause a denial of service condition. This issue affects only consumer CA Anti-Virus products.

tags | advisory, denial of service, local, virus
SHA-256 | 11819a7013b6e40a1cc760c94258674027e522f92b3b43914752ec599d4cbb9f
CA Security Advisory 34846
Posted Dec 8, 2006
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CAID 34846 - CA BrightStor ARCserve Backup contains a buffer overflow that allows remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. This issue affects the BrightStor Backup Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
advisories | CVE-2006-6379
SHA-256 | 14f77fd442c8352fa5dc275da7b933076426d1d4e5c398ae09e7d8bf4a539e90
CA Security Advisory 34693
Posted Oct 24, 2006
Authored by Ken Williams, Computer Associates | Site ca.com

CAID 34693, 34694 - CA BrightStor ARCserve Backup contains multiple buffer overflow conditions that allow remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. These issues affect the BrightStor Backup Agent Service, the Job Engine Service, and the Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
SHA-256 | aab9553c2355bbb2473b67f29de0eca777c8f03660b498ab0279bf3ed1729b5b
CA Security Advisory 34693
Posted Oct 21, 2006
Authored by Ken Williams, Computer Associates | Site ca.com

[CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities (UPDATED): Summary: CA BrightStor ARCserve Backup contains multiple buffer overflow conditions that allow remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. These issues affect the BrightStor Backup Agent Service, the Job Engine Service, and the Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.

tags | advisory, remote, overflow, arbitrary, local, vulnerability
systems | windows
SHA-256 | aab9553c2355bbb2473b67f29de0eca777c8f03660b498ab0279bf3ed1729b5b
CAID34661.txt
Posted Oct 4, 2006
Authored by Ken Williams | Site supportconnect.ca.com

CAID 34661: CA Unicenter WSDM File System Read Access Vulnerability: Unicenter Web Services Distributed Management 3.1 uses a known vulnerable version of Jetty WebServer, an open source java web server. An advisory describing the Jetty WebServer vulnerability can be found at http://www.securityfocus.com/bid/11330. The vulnerability allows a remote attacker to gain full read access on the install partitions file system of the Unicenter WSDM host system through a directory traversal attack

tags | advisory, java, remote, web
SHA-256 | 59d313f06c61c6c3e14d15a2c66be546acd4d72d6e7daa4d3b078b9969a8198d
Page 3 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close