Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 05:45:56 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1036934456&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0901-advisories%2FCA20090107-01.txt%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1036934456.1338183956.1338183956.1338183956.1%3B%2B__utmz%3D32867617.1338183956.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/73668/CA20090107-01.txt http://packetstormsecurity.org/files/73668/CA20090107-01.txt http://packetstormsecurity.org/files/73668/CA-smmsnmpd-Arbitrary-Command-Execution.html Wed, 07 Jan 2009 22:39:25 GMT CA Service Metric Analysis and CA Service Level Management contain a vulnerability that can allow a remote attacker to execute arbitrary commands. CA has issued patches to address the vulnerability. The vulnerability is due to insufficient access restrictions associated with the smmsnmpd service. A remote attacker can exploit this vulnerability to execute arbitrary commands in the context of the service. Affected products include CA Service Level Management 3.5, CA Service Metric Analysis r11.0, CA Service Metric Analysis r11.1, and CA Service Metric Analysis r11.1 SP1.