EUVD-2007-1342

Malware in sbrugna...

CA eTrust Admin GINA模块权限提升漏洞

CA eTrust Admin可为企业提供整体的安全管理策略。 CA eTrust Admin GINA组件的口令重置接口中存在权限提升漏洞，允许能够物理交互访问或通过远程桌面访问的攻击者获得管理员权限。 Computer Associates eTrust Admin 8.1 SP2 8.1.2 Computer Associates eTrust Admin 8.1 SP1 8.1.1 Computer Associates eTrust Admin 8.1 8.1.0 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

CVE-2007-1345

Unspecified vulnerability in cube.exe in the GINA component for CA Computer Associates eTrust Admin 8.1.0 through 8.1.2 allows attackers with physical interactive or Remote Desktop access to bypass authentication and gain privileges via the password reset interface...

CVE-2007-1345

Unspecified vulnerability in cube.exe in the GINA component for CA Computer Associates eTrust Admin 8.1.0 through 8.1.2 allows attackers with physical interactive or Remote Desktop access to bypass authentication and gain privileges via the password reset interface...

CVE-2007-1345

CVE-2007-1345 affects CA eTrust Admin (GINA component) cube.exe in versions 8.1.0–8.1.2. It allows attackers with physical interactive access or Remote Desktop to bypass authentication and escalate privileges via the password-reset interface. Root cause: privilege-escalation in the reset workflow...

[CAID 35145]: CA eTrust Admin Privilege Escalation Vulnerability

Title: CAID 35145: CA eTrust Admin Privilege Escalation Vulnerability CA Vuln ID CAID: 35145 CA Advisory Date: 2007-03-08 Impact: Attackers can gain escalated privileges. Summary: The CA eTrust Admin GINA component contains a privilege escalation vulnerability within the reset password interface...