Credit:
The information has been provided by Andrea Micalizzi.
The original article can be found at: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=232869
Vulnerable Systems:
* CA XOsoft Replication r12.5
* CA XOsoft High Availability r12.5
* CA XOsoft Content Distribution r12.5
* CA XOsoft Replication r12.0
* CA XOsoft High Availability r12.0
* CA XOsoft Content Distribution r12.0
Immune Systems:
* CA XOsoft Replication r4
* CA XOsoft High Availability r4
* CA XOsoft Content Distribution r4
The first vulnerability, CVE-2010-1221, occurs due to a lack of authentication. An attacker can make a SOAP request to enumerate user names. This vulnerability has a low risk rating and affects r12.0 and r12.5 XOsoft products.
The second vulnerability, CVE-2010-1222, occurs due to a lack of authentication. An attacker can make a SOAP request to gain potentially sensitive information. This vulnerability has a low risk rating and affects only r12.5 XOsoft products.
The third set of vulnerabilities, CVE-2010-1223, occurs due to insufficient bounds checking. An attacker can make a request that can cause a buffer overflow which may result in a crash or possibly code execution. These vulnerabilities have a high risk rating and affect r12.0 and r12.5 XOsoft products.
Patch Availability:
CA issued the following patches to address the vulnerabilities.
CA XOsoft Replication r12.5, CA XOsoft High Availability r12.5, CA XOsoft Content Distribution r12.5: RO15016
CA XOsoft Replication r12.0, CA XOsoft High Availability r12.0, CA XOsoft Content Distribution r12.0: RO16643
CVE Information:
CVE-2010-1221
CVE-2010-1222
CVE-2010-1223
Disclosure Timeline:
2010-04-06 - Public release of advisory