[SA25002] CA CleverPath Portal SQL Injection Vulnerability

Les derniers commentaires publiés sur SecuObs (1-5):

- Vidéo : Man In the Middle Attacks in a Virtual World - RAutor: Windows rdp session recorder - Vidéo : Retrieving Forum Passwords with Backtrack - Quelques antennes Wi-FI à construire soi-même - Vidéo : ESRT @SecurityTube Ettercap bEEf Mashup Les derniers commentaires publiés sur SecuObs (6-25) Tous les commentaires publiés sur SecuObs avant les 5 derniers

[Message Precedent sur la mailing][Message Suivant sur la mailing][Precedent dans le fil][Prochain dans le fil][Index par Date][Index par fil] [SA25002] CA CleverPath Portal SQL Injection Vulnerability

Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.

Join the FREE BETA test of the Network Software Inspector (NSI)! link://[click] The NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.

TITLE: CA CleverPath Portal SQL Injection Vulnerability

SECUNIA ADVISORY ID: SA25002

VERIFY ADVISORY: link://[click]

CRITICAL: Less critical

IMPACT: Manipulation of data

WHERE: From remote SOFTWARE: CA Unicenter Management Portal 3.x link://[click] CA Unicenter Management Portal 2.x link://[click] CA Unicenter Management Portal 11.x link://[click] CA Unicenter Database Management Portal 11.x link://[click] CA Unicenter Asset Portfolio Management 11.x link://[click] CA eTrust Security Command Center 8.x link://[click] CA eTrust Security Command Center 1.x link://[click] CA CleverPath Portal 4.x link://[click] CA CleverPath Aion 10.x link://[click] CA BrightStor Portal 11.x link://[click]

DESCRIPTION: Irene Abezgauz has reported a vulnerability in CA CleverPath Portal, which can be exploited by malicious users to conduct SQL injection attacks.

Input passed to certain parameters, e.g. the "ofinterest" parameter in the light search or the "description" parameter in the advanced search, is not properly sanitised before being used in an SQL query.

This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Successful exploitation requires valid user credentials and that the Lite Search feature is used.

The vulnerability affects the following products: * BrightStor Portal 11.1 * CleverPath Aion 10, 10.1, 10.2 * CleverPath Portal 4.51, 4.7, 4.71 * eTrust Security Command Center (eTrust SCC) 1, 8 * Unicenter Argis Portfolio Asset Management 11 * Unicenter Database Management Portal 11, 11.1 * Unicenter Enterprise Job Manager (UEJM) 3, 11 * Unicenter Management Portal (UMP) 2, 3.1, 11 SOLUTION: Apply patch.

link://[click] PROVIDED AND/OR DISCOVERED BY: Irene Abezgauz, Hacktics

ORIGINAL ADVISORY: Hacktics: link://[click] CA: link://[click]

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: link://[click]

Definitions: (Criticality, Where etc.) link://[click]

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link.

Secunia NEVER sends attached files with advisories.

Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Precedent par Date: [SA24984] Ripe Website Manager SQL Injection and Cross-Site Scripting
Suivant par Date: [SA25049] NaviCOPA GET Request Denial of Service Vulnerability
Precedent par fil : [SA24984] Ripe Website Manager SQL Injection and Cross-Site Scripting
Suivant par fil : [SA25049] NaviCOPA GET Request Denial of Service Vulnerability
Index(s):
- Date
- Fil

Archives de la liste de diffusion Secunia
Archives de la liste de diffusion BugTraq
Archives de la liste de diffusion DailyDave
Archives de la liste de diffusion FunSec
Archives de la liste de diffusion Full Disclosure
Archives de la liste de diffusion Focus-IDS (FD)
Archives de la liste de diffusion Webappsec (FD)
Archives de la liste de diffusion Security-basics (FD)
Archives de la liste de diffusion Vulndiscuss
Archives de la liste de diffusion Vulnwatch

Les derniers commentaires publiés sur SecuObs (6-25):

- ESRT @securityshell - Metasploit Framework eXploit Builder v3 - ESRT @dougburks @michaelrash Conficker vs iptables and fwsnort - WepBuster v1.0 beta0.5 released - 130232 downloads of BackTrack 4 Pre-Final since the release - Latest version virtualbox 3.0.0 released - ESRT @mubix A very effective SSH bruteforcer by @laramies recently updated - ESRT @mubix - Middler gets some more updates today - Vidéo : P. Kleissner Stoned Bootkit preview, full at BH 09 Las Vegas - SSTIC 2009 Challenge vs Metasm - Vidéo : Password cracking with L0phtcrack 6 - DLL injection by modifying an executable file - reverse shell from SQLi with 1 HTTP request, no extra channel to upload initial - Hackers crack ColdFusion - Vidéo : Hiding Files with NTFS Alternative Data Streams - Whitepaper Understanding and using RFID - phpMyAdmin exploited in masses - Update: PyLoris 1.8 - ESRT @dougburks - Richard Bejtlich's Wireshark 12 Tutorial - ESRT @Carlos_Perez @joswr1ght WPA2-PSK cracker Cowpatty 46 with less teh suck - ESRT @dougburks Synjunkie on DNS BackTrack 4 tools Fierce and DNSRecon Les cinq derniers commentaires publiés sur SecuObs Tous les commentaires publiés sur SecuObs avant les 25 derniers

SecuToolBox :

Bluetooth Stack Smasher v0.6 / Bluetooth Stack Smasher v0.8 / Slides Bluetooth Eurosec 2006 / Exposé vidéo Windows Shellcode - Kostya Kortchinsky / Exposé audio Reverse Engineering - Nicolas Brulez / Exposé vidéo Securitech - Pierre Betouin / WEP aircrack + Ubiquiti (MadWifi) 300 mW + Yagi / Secure WIFI WPA + EAP-TLS + Freeradius / Audit Windows / Captive Password Windows / USBDumper / USBDumper 2 / Hacking Hardware / WishMaster backdoor / DNS Auditing Tool / Ettercap SSL MITM / Exploit vulnérabilités Windows / Memory Dumper Kernel Hardening / Reverse Engineering / Scapy / SecUbuLIVE CD / Metasploit / eEye Blink Sec Center / eEye Retina Scanner + d'outils / + de tutoriels

Mini-Tagwall des articles publiés sur SecuObs :

sécurité, windows, exploit, microsoft, réseau, attaque, vulnérabilité, système, audit, outil, virus, internet, données, linux, présentation, bluetooth, vista, metasploit, protocol, shell, scanner, réseaux, trames, téléphone, paquet, wishmaster, rootkit, engineering, sysun, https, black, mobile, noyau, téléphones, conférence, mémoire, source, scapy, google, reverse, détection, malveillant, snort, sécurise, patch + de mots clés avec l'annuaire des articles publiés sur SecuObs

Archives Failles Secunia :

- SA35687 Gentoo update for mod_security - SA35686 Gentoo update for libwmf - SA35699 Red Hat update for ruby - SA35697 Red Hat update for pidgin - SA35688 Ubuntu update for nagios2 and nagios3 + d'archives failles avec Secunia et SecuMail

Archives Mailing Full Disclosure :

- Full-disclosure Cisco Security Advisory: Vulnerabilities in Cisco Video Surveillance Products - Full-disclosure Cisco Security Advisory: Cisco Physical Access Gateway Denial of Service Vulnerability - Full-disclosure Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability - Full-disclosure Cisco Security Advisory: Cisco Unified MeetingPlace Web Conferencing Authentication Bypass Vulnerability - Full-disclosure SSANZ - Server Systems Administration NZ. + d'archives Full Disclosure avec SecuMail

Archives Mailing Bugtraq :

- Cisco Security Advisory: Vulnerabilities in Cisco Video Surveillance Products - Cisco Security Advisory: Cisco Physical Access Gateway Denial of Service Vulnerability - Cisco Security Advisory: Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability - Cisco Security Advisory: Cisco Unified MeetingPlace Web Conferencing Authentication Bypass Vulnerability - Re: Cross-Site Scripting vulnerabilities in Mozilla, Internet Explorer, Opera and Chrome - SECURITY DSA 1825-1 New nagios2/nagios3 packages fix arbitrary code execution + d'archives Bugtraq avec SecuMail

Mini-Tagwall de l'annuaire video :

virus, spyware, vmware, firmware, security, malware, lockpicking, biometric, kernel, iphone, windows, adware, password, wimax, botnet, tutorial, phish, linux, symantec, rootkit, knoppix, metasploit, network, attack, server, virtual, internet, jailbreak, notacon, conference, exploit, backtrack, google, wireshark, defcon, hacker, openbsd, intel, ettercap, firewall, source, samsung, reprap, wireless, norton + de mots clés avec l'annuaire des videos

Mini-Tagwall des articles de la revue de presse :

security, microsoft, vulnérabilité, windows, vulnerability, network, attack, google, hacker, exploit, inject, internet, remote, server, mobile, malware, apple, iphone, black, patch, sécurité, virus, linux, ebook, conficker, crypt, source, intel, virtual, facebook, access, trojan, twitter, research, firefox, overflow, pirate, phish, vista, cisco, obama, office, local, opera, adobe + de mots clés avec l'annuaire de la revue de presse

Mini-Tagwall des Tweets de la revue Twitter :

security, cisco, linux, defcon, firewall, vmware, metasploit, attack, server, phish, network, twitter, windows, exploit, nessus, backtrack, botnet, inject, crypt, wireshark, vulnerabi, python, acking, iphone, black, source, engineering, google, conficker, social, clouds, vulnerability, podcast, patch, virus, pentest, juniper, hacker, apple, client, proxy, virtual, complianc, apache, javascript + de mots clés avec l'annuaire de la revue Twitter