----------------------------------------------------------------------

Want to work within IT-Security?

Secunia is expanding its team of highly skilled security experts.
We will help with relocation and obtaining a work permit.

Currently the following types of positions are available:

http://secunia.com/quality_assurance_analyst/
http://secunia.com/web_application_security_specialist/
http://secunia.com/hardcore_disassembler_and_reverse_engineer/

----------------------------------------------------------------------

TITLE:
CA eTrust Security Command Center Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA22023

VERIFY ADVISORY:
http://secunia.com/advisories/22023/

CRITICAL:
Less critical

IMPACT:
Security Bypass, Manipulation of data, Exposure of system information,
Exposure of sensitive information

WHERE:
From local network

SOFTWARE:
CA eTrust Security Command Center 1.x
http://secunia.com/product/3693/

DESCRIPTION:
Some vulnerabilities and a weakness have been reported in CA eTrust
Security Command Center, which can be exploited by malicious, local
users to disclose or manipulate sensitive information, and by malicious
people to disclose system information and bypass certain security
restrictions.

1) An input validation error in the PIProfile function in the
ePPIServlet script can be exploited to disclose the full path to the
web server via the quote character.

The weakness has been reported in versions r8, r8 SP1 CR1, r8 SP1 CR2,
and 1.0.

2) An error exists in the verification of the temporary file location
returned by the "getadhochtml()" function. This can be exploited by a
malicious, local user to disclose the content of or delete arbitrary
files.

The vulnerability has been reported in versions r8, r8 SP1 CR1, and
r8 SP1 CR2.

3) Missing authentication in the event alerting system can be exploited
to trigger false-positive alerts via certain replay attacks.

The vulnerability has been reported in versions r8, r8 SP1 CR1,
r8 SP1 CR2, and 1.0.
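The following is an added example, not code from the advisory or from CA, showing the kind of verification that is missing in 2): a consumer that blindly reads a temp-file path handed back by a helper, beside a hardened consumer that refuses symlinks, foreign-owned and non-regular files and confirms after opening that it got the inode it checked. The directory layout, file names, the "adhoc_report.html" name and the planted symlink are all constructed for illustration; the hardened open uses POSIX flags (O_NOFOLLOW) and so assumes a Unix-like host.

```python
"""Checking a temporary-file path before trusting it, the defence missing
from the getadhochtml() case in 2).  Added example: the directory layout,
file names and the attacker's planted symlink are all constructed for
illustration and are not CA's code."""
import os
import stat
import tempfile


class UnsafeTempFile(Exception):
    """Raised when the object at the temp-file path is not what we created."""


def unsafe_read_adhoc_html(path):
    # Vulnerable pattern: trust the returned path and read whatever it
    # resolves to, symlink or not.
    with open(path) as f:
        return f.read()


def safe_read_adhoc_html(path):
    # Hardened pattern (POSIX): refuse symlinks, non-regular files and files
    # owned by someone else; then open with O_NOFOLLOW and confirm via fstat
    # that the opened inode is the one that was checked (no TOCTOU swap).
    before = os.lstat(path)                      # lstat never follows links
    if stat.S_ISLNK(before.st_mode) or not stat.S_ISREG(before.st_mode):
        raise UnsafeTempFile(f"{path}: not a regular file")
    if before.st_uid != os.getuid():
        raise UnsafeTempFile(f"{path}: owned by uid {before.st_uid}, not us")
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW | os.O_NOCTTY)
    try:
        after = os.fstat(fd)
        if (after.st_dev, after.st_ino) != (before.st_dev, before.st_ino):
            raise UnsafeTempFile(f"{path}: replaced between check and open")
        if after.st_nlink != 1:
            raise UnsafeTempFile(f"{path}: hard-linked from elsewhere")
        f = os.fdopen(fd, "r")                   # f now owns the descriptor
    except BaseException:
        os.close(fd)
        raise
    with f:
        return f.read()


def demo():
    # Constructed scenario: an unprivileged local user pre-plants a symlink at
    # the exact path the application will read, pointing at a file they cannot
    # otherwise read.  "shared_tmp" stands in for a world-writable /tmp.
    root = tempfile.mkdtemp()
    secret = os.path.join(root, "secret.txt")
    with open(secret, "w") as f:
        f.write("db_password=hunter2\n")
    shared = os.path.join(root, "shared_tmp")
    os.mkdir(shared)
    planted = os.path.join(shared, "adhoc_report.html")
    os.symlink(secret, planted)

    leaked = unsafe_read_adhoc_html(planted)     # follows the link: disclosure
    try:
        safe_read_adhoc_html(planted)
        blocked = False
    except UnsafeTempFile:
        blocked = True

    # Producer side done right: let the OS create a fresh 0600 file with
    # O_EXCL and hand back a descriptor, instead of reopening by name later.
    fd, own_path = tempfile.mkstemp(suffix=".html", dir=root)
    with os.fdopen(fd, "w") as f:
        f.write("<html>report</html>")
    genuine = safe_read_adhoc_html(own_path)
    return {"leaked": leaked, "blocked": blocked, "genuine": genuine}


if __name__ == "__main__":
    print(demo())
```

The same lstat/fstat checks apply before the delete side of 2): unlinking by a path whose parent component an attacker can replace with a directory symlink removes whatever that component now points at, so delete relative to a directory descriptor you opened yourself (os.unlink with dir_fd) rather than by a name in a shared location.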
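For 3), the following added example (not CA's wire protocol and not code from the advisory) shows both sides of an event-alerting exchange: a sender that MACs each alert together with a timestamp and a nonce, a receiver with the pre-fix behaviour that accepts anything it can parse, and a receiver that rejects forged, stale and replayed messages. The JSON layout, field names, shared key, alert contents and the fake clock are assumptions made for the demonstration.

```python
"""Message-level authentication and replay protection for an event-alerting
channel, the control that is missing in 3).  Added example: the JSON message
layout, field names, shared key and alert contents are assumptions, not the
product's real wire protocol."""
import hashlib
import hmac
import json
import os
import time


def _canonical(msg):
    # Deterministic serialisation so sender and receiver MAC identical bytes.
    return json.dumps(msg, sort_keys=True, separators=(",", ":")).encode()


class AlertSender:
    def __init__(self, key, clock=time.time):
        self.key, self.clock = key, clock

    def build(self, alert):
        body = {"alert": alert, "ts": int(self.clock()), "nonce": os.urandom(16).hex()}
        body["mac"] = hmac.new(self.key, _canonical(body), hashlib.sha256).hexdigest()
        return body


class NaiveReceiver:
    """Pre-fix behaviour: anything that parses becomes an alert."""
    def __init__(self):
        self.alerts = []

    def accept(self, msg):
        self.alerts.append(msg["alert"])
        return True


class AuthenticatedReceiver:
    """Accept an alert only if its MAC verifies under the shared key, its
    timestamp is within `window` seconds of now, and its nonce is unseen."""
    def __init__(self, key, window=300, clock=time.time):
        self.key, self.window, self.clock = key, window, clock
        self.seen = {}        # nonce -> ts; entries older than window are pruned
        self.alerts = []

    def accept(self, msg):
        msg = dict(msg)
        mac = msg.pop("mac", None)
        if not isinstance(mac, str):
            return False
        expected = hmac.new(self.key, _canonical(msg), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(mac.encode(), expected.encode()):
            return False                          # forged or tampered
        now = int(self.clock())
        self.seen = {n: t for n, t in self.seen.items() if now - t <= self.window}
        if not isinstance(msg.get("ts"), int) or abs(now - msg["ts"]) > self.window:
            return False                          # stale: outside the replay window
        nonce = msg.get("nonce")
        if not isinstance(nonce, str) or nonce in self.seen:
            return False                          # replay inside the window
        self.seen[nonce] = msg["ts"]
        self.alerts.append(msg["alert"])
        return True


def demo():
    key = b"alerting-shared-secret"              # assumption: provisioned out of band
    now = [1_700_000_000]                        # fake clock keeps the demo deterministic
    clock = lambda: now[0]
    sender = AlertSender(key, clock)
    naive = NaiveReceiver()
    auth = AuthenticatedReceiver(key, window=300, clock=clock)

    genuine = sender.build({"severity": "high", "host": "db01", "event": "auth_failure_burst"})
    results = {"genuine": (naive.accept(genuine), auth.accept(genuine))}

    now[0] += 5                                   # attacker on the segment re-sends the capture
    results["replay"] = (naive.accept(genuine), auth.accept(genuine))

    now[0] += 3600                                # ...and again an hour later
    results["stale_replay"] = (naive.accept(genuine), auth.accept(genuine))

    forged = {"alert": {"severity": "critical", "host": "dc01", "event": "compromise"},
              "ts": int(clock()), "nonce": os.urandom(16).hex(), "mac": "00" * 32}
    results["forged"] = (naive.accept(forged), auth.accept(forged))

    results["alert_counts"] = (len(naive.alerts), len(auth.alerts))
    return results


if __name__ == "__main__":
    print(demo())
```

The vendor's workaround for 3), filtering traffic to the event system, narrows who can reach the listener but does nothing against a host that is already inside the permitted network and can capture and re-send a message; the nonce and timestamp check above is what actually defeats the replay, and the MAC is what stops outright fabrication.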
SOLUTION:
1-2) Apply updates.
http://supportconnectw.ca.com/public/etrust/etrust_scc/downloads/etrustscc_updates.asp

3) The vendor recommends filtering traffic to the event system.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Patrick Webster.

ORIGINAL ADVISORY:
CA:
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34616
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34617
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34618

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------