CA Total Defense UNCWS SQL Injection
Added: 05/02/2011CVE: CVE-2011-1653
BID: 47355
Background
CA Total Defense is a combined host-based anti-virus, anti-spyware, firewall, and IPS solution.Problem
CA Total Defense includes a web service management component, which in version r12 prior to SE2, fails to validate certain parameters. This leaves the service vulnerable to a SQL Injection attack.Resolution
Upgrade to CA Total Defense r12 SE2 or later.References
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={CD065CEC-AFE2-4D9D-8E0B-BE7F6E345866}http://www.zerodayinitiative.com/advisories/ZDI-11-127/
http://secunia.com/advisories/44097
Limitations
Tested against CA Total Defense Suite r12 on Windows Server 2003 SP2 English (DEP OptOut) and Windows Server 2008 SP2 English (DEP OptOut).The target must have read access to the specified SMB share.
The login and password of an account with write access to the specified SMB share must be provided.
The target server must be configured to listen on the HTTP port.
Platforms
WindowsBack to exploit index