|
|
| |
| Unicenter Web Services Distributed Management 3.1 uses a known vulnerable version of Jetty WebServer, an open source java web server. The vulnerability allows a remote attacker to gain full read access on the install partitions file system of the Unicenter WSDM host system through a directory traversal attack, e.g. http://192.168.50.31:8282/..\..\..\..\boot.ini. |
| |
Credit:
The information has been provided by Williams, James K.
The original article can be found at: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34661
|
| |
Vulnerable Systems:
* CA Unicenter Web Services Distributed Management (WSDM) version 3.1
Immune Systems:
* CA Unicenter Web Services Distributed Management (WSDM) 3.11
Status and Recommendation:
This vulnerability was addressed in December 2004 with the release of Unicenter Web Services Distributed Management (WSDM) 3.11. Customers using Unicenter WSDM 3.1 should upgrade to WSDM 3.11 or later through the CA SupportConnect web site at http://supportconnect.ca.com.
CVE Information:
CVE-2004-2478
|
|
|
|
|
|
|
|
