exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 47 of 47 RSS Feed

Files

CAID-brightstor.txt
Posted Dec 8, 2007
Authored by eEye Digital Security, Pedram Amini, cocoruder, Tenable Network Security, Dyon Balding, shirkdog | Site www3.ca.com

CA Security Advisory - Multiple vulnerabilities exist in BrightStor ARCserve Backup that can allow a remote attacker to cause a denial of service, execute arbitrary code, or take privileged action.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2007-5326, CVE-2007-5329, CVE-2007-5327, CVE-2007-5325, CVE-2007-5328, CVE-2007-5330, CVE-2007-5331, CVE-2007-5332
SHA-256 | eeb6c53417ccc26b912aa3b7ee71b7c4d770d635ec4f613ec8a5036d63014596

Related Files

CA Security Advisory 35145
Posted Mar 9, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

The CA eTrust Admin GINA component contains a privilege escalation vulnerability within the reset password interface. This vulnerability is exploitable only through physical interactive access or through Remote Desktop. Affected products include eTrust Admin 8.1 SP2 (8.1.2), eTrust Admin 8.1 SP1 (8.1.1), and eTrust Admin 8.1 (8.1.0).

tags | advisory, remote
advisories | CVE-2007-1345
SHA-256 | 3962113ae17c146b5640bd4ec12da7a3f96a4ed5be77c2f201e85de1071f6d9e
CA Security Advisory 35112
Posted Mar 6, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA eTrust Intrusion Detection contains a vulnerability that can allow a remote attacker to cause a denial of service condition. Affected Products include eTrust Intrusion Detection 3.0 SP1, eTrust Intrusion Detection 3.0, and eTrust Intrusion Detection 2.0 SP1.

tags | advisory, remote, denial of service
advisories | CVE-2007-1005
SHA-256 | c4aff44d742dff175c969692af2d23c9c6f951c0f4edf0ab1e710a1fed11ce69
CA Security Advisory 34818
Posted Jan 27, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

Multiple vulnerabilities have been discovered in CA Personal Firewall drivers. The vulnerabilities are due to errors in the HIPS Core (KmxStart.sys) and HIPS Firewall (KmxFw.sys) drivers. Local attackers can exploit these vulnerabilities to gain escalated privileges.

tags | advisory, local, vulnerability
advisories | CVE-2006-6952
SHA-256 | 02589667c3f2bd1a0335ba0b442c8b18de4508cda0b0bb4a915da330839058a7
CA Security Advisory 34993
Posted Jan 27, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA BrightStor ARCserve Backup for Laptops and Desktops contains multiple overflow conditions that can allow a remote attacker to cause a denial of service, or execute arbitrary code with local SYSTEM privileges on Windows.

tags | advisory, remote, denial of service, overflow, arbitrary, local
systems | windows
advisories | CVE-2007-0449
SHA-256 | 6e6e8672248a7e1c4d803e9bf66b4054b05795508a899203c5e4ade01aafd269
CAID-multi.txt
Posted Jan 14, 2007
Authored by Ken Williams | Site www3.ca.com

CA BrightStor ARCserve Backup contains multiple overflow conditions that can allow a remote attacker to execute arbitrary code with local SYSTEM privileges on Windows. The BrightStor ARCserve Backup Tape Engine service, Mediasvr service, and ASCORE.dll file are affected.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
advisories | CVE-2006-5171, CVE-2006-5172, CVE-2007-0168, CVE-2007-0169, CVE-2006-6076, CVE-2006-6917
SHA-256 | 277d1dc497086cde18530d9b1513f826b6a78561bd1e1048a84224d877383608
CA Security Advisory 34876
Posted Dec 22, 2006
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CAID 34876 - CA CleverPath Portal and other CA solutions that embed Portal technology contain a session verification vulnerability.

tags | advisory
SHA-256 | 0f54412beb75b544d797f6a6475238fc984c6235fe7678318bc1b6e2c236672c
caid-34870.txt
Posted Dec 14, 2006
Authored by Ken Williams | Site ca.com

Multiple instances of improper handling of NULL buffers in CA Anti-Virus allow local attackers to cause a denial of service condition. This issue affects only consumer CA Anti-Virus products.

tags | advisory, denial of service, local, virus
SHA-256 | 11819a7013b6e40a1cc760c94258674027e522f92b3b43914752ec599d4cbb9f
CA Security Advisory 34846
Posted Dec 8, 2006
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CAID 34846 - CA BrightStor ARCserve Backup contains a buffer overflow that allows remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. This issue affects the BrightStor Backup Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
advisories | CVE-2006-6379
SHA-256 | 14f77fd442c8352fa5dc275da7b933076426d1d4e5c398ae09e7d8bf4a539e90
CA Security Advisory 34693
Posted Oct 24, 2006
Authored by Ken Williams, Computer Associates | Site ca.com

CAID 34693, 34694 - CA BrightStor ARCserve Backup contains multiple buffer overflow conditions that allow remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. These issues affect the BrightStor Backup Agent Service, the Job Engine Service, and the Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
SHA-256 | aab9553c2355bbb2473b67f29de0eca777c8f03660b498ab0279bf3ed1729b5b
CA Security Advisory 34693
Posted Oct 21, 2006
Authored by Ken Williams, Computer Associates | Site ca.com

[CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities (UPDATED): Summary: CA BrightStor ARCserve Backup contains multiple buffer overflow conditions that allow remote attackers to execute arbitrary code with local SYSTEM privileges on Windows. These issues affect the BrightStor Backup Agent Service, the Job Engine Service, and the Discovery Service in multiple BrightStor ARCserve Backup application agents and the Base product.

tags | advisory, remote, overflow, arbitrary, local, vulnerability
systems | windows
SHA-256 | aab9553c2355bbb2473b67f29de0eca777c8f03660b498ab0279bf3ed1729b5b
CAID34661.txt
Posted Oct 4, 2006
Authored by Ken Williams | Site supportconnect.ca.com

CAID 34661: CA Unicenter WSDM File System Read Access Vulnerability: Unicenter Web Services Distributed Management 3.1 uses a known vulnerable version of Jetty WebServer, an open source java web server. An advisory describing the Jetty WebServer vulnerability can be found at http://www.securityfocus.com/bid/11330. The vulnerability allows a remote attacker to gain full read access on the install partitions file system of the Unicenter WSDM host system through a directory traversal attack

tags | advisory, java, remote, web
SHA-256 | 59d313f06c61c6c3e14d15a2c66be546acd4d72d6e7daa4d3b078b9969a8198d
CA Security Advisory 34616
Posted Oct 2, 2006
Authored by Computer Associates | Site www3.ca.com

CAID 34616, 34617, 34618: CA eTrust Security Command Center and eTrust Audit vulnerabilities

tags | advisory, vulnerability
SHA-256 | b236dc13a9d36b5ace9a497fbaa92180a506c8f2c86ab714d159c59c043c12ba
CA Security Advisory 34509
Posted Aug 18, 2006
Authored by Ken Williams, Computer Associates | Site ca.com

CAID 34509 - CA eTrust Antivirus WebScan versions 1.1.0.1047 and below are susceptible to arbitrary code execution flaws.

tags | advisory, arbitrary, code execution
SHA-256 | 4cae55691ffcf0223d655c47bdca23e5fc91998a767f9a7caacd4f4169d4c5ff
CA Security Advisory 34325
Posted Jun 29, 2006
Authored by Ken Williams, Computer Associates | Site ca.com

CAID 34325 - CA ITM, eAV, ePP scan job description field format string vulnerability

tags | advisory
SHA-256 | 07a837f7b40e2e601e9d01c4f63a3d737cdfa42056432e84c50f216b96451b95
CA Security Advisory 34013
Posted May 6, 2006
Authored by Ken Williams, Computer Associates | Site ca.com

CAID 34013 - A potential vulnerability issue exists in our CAIRIM LMP solution for z/OS. CAIRIM is delivered as part of CA's z/OS Common Services, and the LMP component provides licensing services to many of CA's z/OS solutions. IBM Global Services discovered an integrity problem, which could be exploited by an expert user of a z/OS system that utilizes CA's CAIRIM LMP component. We worked with IBM Global Services to understand the nature of the problem and to make certain that the remedy we have now provided addresses the problem completely.

tags | advisory
SHA-256 | 25441e6a3e621cc379e0b1ebc1b28c21793d35d4bbe5423529a5dd2ede625cb1
CAID33581.txt
Posted Feb 2, 2006
Authored by Ken Williams | Site supportconnect.ca.com

The following two security vulnerability issues have been identified in the CA Message Queuing (CAM / CAFT) software: CAM is vulnerable to a Denial of Service (DoS) attack when a specially crafted message is received on TCP port 4105. CAM is vulnerable to a Denial of Service (DoS) through the spoofing of CAM control messages.

tags | advisory, denial of service, spoof, tcp
advisories | CVE-2006-0529, CVE-2006-0530
SHA-256 | fa9bcf5733c36e27029a5ff78f5ff979acef14def6f47abd1743b7b6362823eb
CAID33778.txt
Posted Jan 29, 2006
Authored by Ken Williams | Site supportconnect.ca.com

The CA iGateway common component, which is included with several CA products for UNIX/Linux/Windows platforms, contains a buffer overflow vulnerability that can allow arbitrary code to be executed remotely with SYSTEM privileges on Windows, and cause iGateway component failure on UNIX and Linux platforms.

tags | advisory, overflow, arbitrary
systems | linux, windows, unix
SHA-256 | 8409e14595803164e947c37dd2dfbb346cd4de292b503ce34d26b1d3bf7dc40d
CAID33756.txt
Posted Jan 25, 2006
Authored by Ken Williams | Site www3.ca.com

The following security vulnerability issues have been identified in the DM Primer part of the DM Deployment Common Component being distributed with some CA products.

tags | advisory
SHA-256 | 3bb77b73a739e829a3825d2e8abbaa2acbef94cd5a8a75f892c2a5e96d8e7d82
caid-33485.txt
Posted Oct 21, 2005
Authored by Ken Williams | Site ca.com

The Computer Associates iGateway common component, which is included with several CA products for UNIX/Linux/Windows platforms, contains a buffer overflow vulnerability that could allow remote attackers to execute arbitrary code on Windows platforms, or cause iGateway component failure (denial of service) on UNIX and Linux. The vulnerability is due to improper bounds checking on HTTP GET requests by the iGateway component when debug mode is enabled.

tags | advisory, remote, web, denial of service, overflow, arbitrary
systems | linux, windows, unix
SHA-256 | 74bd732e56cce6be5894ef060731af97fd2aa0bfc7f55e97f70154c829339733
CA Security Advisory 32919
Posted Aug 24, 2005
Authored by Ken Williams, Computer Associates | Site ca.com

During a recent internal audit, CA discovered several vulnerability issues in the CA Message Queuing (CAM / CAFT) software. CA has made patches available for all affected users. These vulnerabilities affect all versions of the CA Message Queuing software prior to v1.07 Build 220_13 and v1.11 Build 29_13 on the platforms specified below.

tags | advisory, vulnerability
SHA-256 | d5bbb6c6ef69369d57bffbc7b601ba4afb4ce1009bb13cdc9ffd06f706f43207
CA Security Advisory 33239
Posted Aug 5, 2005
Authored by Ken Williams, Computer Associates | Site ca.com

Computer Associates BrightStor ARCserve Backup and BrightStor Enterprise Backup Agents for Windows contain a stack-based buffer overflow vulnerability. The vulnerability may allow remote attackers to execute arbitrary code with SYSTEM privileges, or cause a denial of service condition. The buffer overflow is the result of improper bounds checking performed on data sent to port 6070.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | windows
SHA-256 | d0b86151caf4b31b313680362872830cbd81e6f29d1e165ddf1aea180174a2ed
openca.txt
Posted Dec 1, 2003
Site openca.org

OpenCA Security Advisory - Multiple flaws in OpenCA before version 0.9.1.4 could cause OpenCA to use an incorrect certificate in the chain to determine the serial being checked which could lead to certificates that are revoked or expired being incorrectly accepted.

tags | advisory
advisories | CVE-2003-0960
SHA-256 | 2d8bf6a4c4e3a857072f500345d0d66c8422632aae593d41cd7f4d2e92012deb
Page 2 of 2
Back12Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close