» 游客:  注册 | 登录 | 帮助  微点交流论坛 » 漏洞快报 » CA产品中Ingres用户授权时可绕过安全限制   作者: 标题: CA产品中Ingres用户授权时可绕过安全限制 pioneer 超级版主 积分 4563 发帖 4545 注册 2007-7-16 来自 BJ #1  CA产品中Ingres用户授权时可绕过安全限制 来源 secunia.com 软件名 BrightStor ARCserve Backup 11.x BrightStor ARCserve Backup 9.x BrightStor Enterprise Backup 10.x BrightStor Storage Command Center 11.x BrightStor Storage Resource Manager 11.x CA Advantage Data Transformer 2.x CA AllFusion Enterprise Workbench 1.x CA AllFusion Enterprise Workbench 7.x CA AllFusion Harvest Change Manager 7.x CA ARCserve Backup for Laptops & Desktops 11.x CA CleverPath Aion 10.x CA CleverPath Predictive Analysis Server 3.x CA Embedded Entitlements Manager 8.x CA eTrust Admin 8.x CA eTrust Audit 8.x CA Network Forensics 8.x CA Unicenter Advanced Systems Management 11.x CA Unicenter Asset Intelligence 11.x CA Unicenter Asset Management 11.x CA Unicenter Asset Portfolio Management 11.x CA Unicenter Database Command Center 11.x CA Unicenter Desktop and Server Management 11.x CA Unicenter Desktop Management Suite 11.x CA Unicenter Enterprise Job Manager 1.x CA Unicenter Job Management Option 11.x CA Unicenter Lightweight Portal 2.x CA Unicenter Management Portal 3.x CA Unicenter Network and Systems Management (NSM) 11.x CA Unicenter Network and Systems Management (NSM) 3.x CA Unicenter Patch Management 11.x CA Unicenter Remote Control 11.x CA Unicenter Remote Control 6.x CA Unicenter Service Accounting 11.x CA Unicenter Service Assure 11.x CA Unicenter Service Assure 2.x CA Unicenter Service Catalog 11.x CA Unicenter Service Delivery 11.x CA Unicenter Service Intelligence 11.x CA Unicenter Service Metric Analysis 11.x CA Unicenter Service Metric Analysis 3.x CA Unicenter ServicePlus Service Desk 11.x CA Unicenter ServicePlus Service Desk 5.x CA Unicenter ServicePlus Service Desk 6.x CA Unicenter Software Delivery 11.x CA Unicenter TNG 2.x CA Unicenter Web Services Distributed Management 3.x CA Unicenter Workload Control Center 1.x CA Wily SOA Manager 7.x eTrust Directory 8.x eTrust IAM Suite 8.x eTrust Identity Manager 8.x eTrust Secure Content Manager (SCM) eTrust Single Sign-On 7.x eTrust Web Access Control 1.x 描述 这可恶意绕过特定安全限制 Windows下该漏洞在V2.5和V2.6中已经受到影响 解决方案 应用补丁（联系厂商获得更多信息） Ingres 2.5 Single Byte Patch: ftp://ftp.ca.com/caproducts/ips/ ... 5.12291-win-x86.zip Ingres 2.6 Single-Byte patch: ftp://ftp.ca.com/caproducts/ips/ ... 1.12467-win-x86.zip Ingres 2.6 Double-Byte patch: ftp://ftp.ca.com/caproducts/ips/ ... 473-win-x86-DBL.zip ※文章所有权归【pioneer】与【东方微点论坛】共同所有，转载请注明出处！※ 2007-12-26 09:25 论坛跳转: 微点软件公测区 安全快报  > 病毒快报  > 漏洞快报 微点产品在线技术支持  > 微点主动防御软件  > 预升级反馈专区  > 微点杀毒软件 微点用户交流区  > 微点新闻  > 微点软件使用交流  > 微点茶室 安全技术交流区  > 主动防御  > 反病毒  > 防火墙 综合区  > 电脑&数码  > 体育&娱乐&休闲  > 灌水区 版务管理 内部使用专区  可打印版本 | 推荐 | 订阅 | 收藏 [ 联系我们 - 东方微点 ] 北京东方微点信息技术有限责任公司 福建东方微点信息安全有限责任公司 闽ICP备05030815号