CA Total Defense UNCWS exportReport SQL Injection

Added: 03/20/2012
OSVDB: 78930

Background

CA Total Defense is a combined host-based anti-virus, anti-spyware, firewall, and IPS solution.

Problem

CA Total Defense includes a web service management component, which in version r12 prior to SE3, fails to validate certain parameters. The exportReport function of this service is vulnerable to a SQL Injection attack.

Resolution

Upgrade to CA Total Defense r12 SE3 (Build 831) or later.

References

http://www.zerodayinitiative.com/advisories/ZDI-12-022/
http://secunia.com/advisories/47883/

Limitations

Tested against CA Total Defense Suite 12.0.528 on Windows Server 2003 SP2 English (DEP OptOut) and Windows Server 2008 SP2 (DEP OptOut).

The target server must be configured to listen on the HTTP port.

Platforms

Windows

Back to exploit index