• • browse-by-role
    • Application Developer or Architect
    • CIO or IT Executive
    • Customer Experience & Support
    • IT Operations
    • Line of Business Executive
    • Mainframe
    • Portfolio or Project Manager
    • Security & Compliance
    • Sustainability
• Login
• Register
• MyCA
• Contact
• United States - English
• Search
• facebook
• twitter
• linkedin
• rss
• youtube

CA Community

This Blog

• Home
• Contact

Syndication

• RSS
• Email Alerts
• Technorati

Recent Posts

• CA20130528-01: Security Notice for CA Process Automation (CA PAM)
• Update: CA20130213-01: Security Notice for CA ControlMinder
• CA20130319-01: Security Notice for SiteMinder products using SAML
• CA20130213-01: Security Notice for CA ControlMinder
• Update: CA20121220-01: Security Notice for CA IdentityMinder

Archives

• May 2013 (1)
• April 2013 (1)
• March 2013 (1)
• February 2013 (1)
• January 2013 (2)
• December 2012 (2)
• October 2012 (2)
• August 2012 (1)
• March 2012 (1)
• December 2011 (1)
• November 2011 (1)
• August 2011 (1)
• July 2011 (2)
• May 2011 (1)
• April 2011 (4)
• February 2011 (1)
• January 2011 (1)
• December 2010 (2)
• November 2010 (1)
• June 2010 (1)
• April 2010 (1)
• March 2010 (2)
• February 2010 (1)
• December 2009 (1)
• October 2009 (1)
• August 2009 (2)
• June 2009 (2)
• May 2009 (1)
• April 2009 (1)
• January 2009 (3)
• December 2008 (1)
• October 2008 (1)
• September 2008 (1)
• August 2008 (3)
• June 2008 (2)
• May 2008 (1)
• April 2008 (5)
• March 2008 (3)
• December 2007 (2)
• November 2007 (1)
• July 2007 (1)

Tags

• ActiveX
• anti-virus
• arclib 7.3.0.15
• ARCserve
• ARCserve Backup
• ARCserve Backup for Laptops and Desktops
• BrightStor
• Buffer Overflow
• CA20110420-01
• CVE-2003-0132
• CVE-2007-2449
• CVE-2007-2450
• CVE-2007-3382
• CVE-2007-3385
• CVE-2007-3386
• CVE-2007-4620
• CVE-2007-5325
• CVE-2007-5326
• CVE-2007-5328
• CVE-2008-2242
• CVE-2008-2541
• CVE-2008-2926
• CVE-2008-3174
• CVE-2008-3175
• CVE-2008-3356
• CVE-2008-3357
• CVE-2008-3389
• CVE-2008-4119
• CVE-2008-5415
• CVE-2009-0042
• D2D
• Denial of Service
• Directory
• DoS
• eEye
• exploit
• Federation Manager
• HIPS
• Host-Based Intrusion Prevention System
• NSM
• Output Management Web Viewer
• patch
• retrogod
• rgod
• Secure Content Manager
• Service Desk
• SiteMinder
• SiteMinder SPS
• Unicenter
• Vulnerability

News

Security Methodology at CA Technologies

 Twitter

CA Security Response Blog

CA20111116-01: Security Notice for CA Directory

Published: November 16 2011, 05:41 PM
by Kevin Kotas

Today, I published a new security notice for CA Directory. The notice addresses a high risk denial of service vulnerability dealing with specially malformed SNMP packets, which was reported to us by nabCERT, National Australia Bank. At this time, we are not aware of any active exploitation. See below for details.

CA20111116-01: Security Notice for CA Directory
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7b286545DB-00B9-4B4C-8DE7-F00827F3CC75%7d

Kevin Kotas
CA Technologies Product Vulnerability Response Team

The opinions and statements on this site are my own and do not necessarily reflect the opinions or policies of CA.

Share this post:  

• Share
• Print
• Email

Tags: Vulnerability, CVE-2011-3849, Directory, EEM

Leave a comment

 

By: Kevin Kotas
Kevin Kotas is a Director of the CA Product Vulnerability Response Team. He has over fifteen years of vulnerability management experience and discovered several vulnerabilities in products from multiple major software providers. Kevin holds a B.S. degree in Computer Science from North Carolina State...
Read More..

Comments:

No Comments

Leave a Comment

* An asterisk indicates a required field

* Name:  

Website:

* Comment:  

Remember Me?

  Submit        

• Page Tools
• print
• email
• share

• about us
• news
• events
• careers
• rss feeds

• legal
• privacy
• sitemap
• Copyright © 2013 CA.