Browse by Tags

All Tags » vulnerability (RSS)

CA20111208-01: Security Notice for CA SiteMinder

Today we published a security notice and fixes to address a medium risk, publicly known vulnerability in CA SiteMinder. The vulnerability, CVE-2011-4054, occurs due to insufficient validation of postpreservationdata parameter input utilized in the login.fcc form. A malicious user can submit a specially...

Posted to CA Security Response Blog (Weblog) by Ken Williams on 12-09-2011
CA20111116-01: Security Notice for CA Directory

Today, I published a new security notice for CA Directory. The notice addresses a high risk denial of service vulnerability dealing with specially malformed SNMP packets, which was reported to us by nabCERT, National Australia Bank. At this time, we are not aware of any active exploitation. See below...

Posted to CA Security Response Blog (Weblog) by Kevin Kotas on 11-16-2011
CA20110809-01: Security Notice for CA ARCserve D2D

On August 9, 2011, we published a security notice and fix to address a high risk vulnerability in ARCserve D2D r15. The vulnerability, CVE-2011-3011, is due to improper session handling. A remote attacker can potentially access credentials and execute arbitrary commands. Vulnerability and exploit details...

Posted to CA Security Response Blog (Weblog) by Ken Williams on 08-12-2011
ARCserve D2D public disclosure of vulnerability and exploit details

CA Technologies is aware of ARCserve D2D vulnerability and exploit details that were posted to BugTraq on 2011-07-26. We're currently reviewing the information and will post an update after we have completed our initial investigation. Thanks and regards, Ken Williams, Director CA Technologies Product...

Posted to CA Security Response Blog (Weblog) by Ken Williams on 07-26-2011
CA20110420-01: Security Notice for CA SiteMinder

Today, 2011-04-20, we published a security notice to address a vulnerability in CA SiteMinder. The security notice includes information about a medium risk vulnerability that was discovered and reported by April King (april@twoevils.org). The vulnerability could potentially allow a malicious user to...

Posted to CA Security Response Blog (Weblog) by Ken Williams on 04-21-2011
CA20110420-02: Security Notice for CA Output Management Web Viewer

Today, 2011-04-20, we published a security notice to address vulnerabilities in CA Output Management Web Viewer. The security notice includes information about two high risk vulnerabilities that were discovered and reported by Dmitriy Pletnev, Secunia Research. Both vulnerabilities could potentially...

Posted to CA Security Response Blog (Weblog) by Ken Williams on 04-20-2011
CA20110223-01: Security Notice for CA Host-Based Intrusion Prevention System

Today, 2011-02-23, we published a security notice to address a vulnerability in CA Host-Based Intrusion Prevention System. The security notice includes patches for a medium risk vulnerability that was discovered by Andrea Micalizzi aka rgod, and reported to us by TippingPoint ZDI . Although the vulnerability...

Posted to CA Security Response Blog (Weblog) by Ken Williams on 02-23-2011
Update for CA20101231-01: Security Notice for CA ARCserve D2D

The following security notice was updated with new fix information on 2011-01-26. CA20101231-01: Security Notice for CA ARCserve D2D https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={26223DAB-1FA0-4EF9-864E-6CE3278FE503 } Thanks and regards, Ken Williams, Director ca technologies Product...

Posted to CA Security Response Blog (Weblog) by Ken Williams on 01-27-2011
CA20101231-01: Security Notice for CA ARCserve D2D

Today, we published a security notice to address a vulnerability in CA ARCserve D2D r15. The security notice includes an informational solution for a high risk vulnerability that was publicly disclosed on 2010-12-30 by rgod. Although the informational solution fully mitigates the vulnerability, we do...

Posted to CA Security Response Blog (Weblog) by Ken Williams on 12-31-2010
New security notice - CA20100304-01: Security Notice for CA SiteMinder

On Thursday, March 4, 2010, we posted a security notice for CA SiteMinder. The security notice, CA20100304-01, describes a low risk cross site scripting (XSS) vulnerability that affects only older versions of CA SiteMinder (r6.0 SP4 and earlier). The vulnerability is located in the publishing tool component...

Posted to CA Security Response Blog (Weblog) by Ken Williams on 03-04-2010

Page 1 of 5 (46 items) 1 2 3 4 5 Next >