Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-1655

Malware in sbrugna...

7.5CVSS6.2AI score0.11975EPSS
Exploits0References12
securityvulns
securityvulns
added 2012/02/13 12:0 a.m.63 views

ZDI-12-024 : Total Defense Suite UNC Management Web Service uncsp_ViewReportsHomepage SQL Injection Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-024 : Total Defense Suite UNC Management Web Service uncspViewReportsHomepage SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-024 February 8, 2012 - -- CVE ID: - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

0.1AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2012/02/08 12:0 a.m.20 views

Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability

This vulnerability allows attackers to remotely obtain domain credentials on vulnerable installations of CA Total Defense Suite UNC Management Web Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AppCode.dll service listening by default on...

7.5CVSS6.5AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2012/02/08 12:0 a.m.16 views

Total Defense Suite UNC Management Console ExportReport SQL Injection Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ExportReport stored procedure, accessed via the management.asmx console. Th...

10CVSS8.6AI score
Exploits0
securityvulns
securityvulns
added 2011/04/19 12:0 a.m.68 views

ZDI-11-133: CA Total Defense Suite UNC Management Console DeleteReports SQL Injection Vulnerability

ZDI-11-133: CA Total Defense Suite UNC Management Console DeleteReports SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-133 April 13, 2011 -- CVE ID: CVE-2011-1653 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: CA -- Affected Products: CA Total Defense...

10CVSS0.7AI score0.88655EPSS
Exploits12
Prion
Prion
added 2011/04/18 3:0 p.m.20 views

Code injection

The management.asmx module in the Management Web Service in the Unified Network Control UNC Server in CA Total Defense TD r12 before SE2 sends a cleartext response to unspecified getDBConfigSettings requests, which makes it easier for remote attackers to obtain database credentials, and...

7.5CVSS7.7AI score0.11975EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2011/04/15 7:0 p.m.131 views

CVE-2011-1655

CA Total Defense Suite UNCWS getDBConfigSettings vulnerability (CVE-2011-1655) affects UNC Server before SE2; management.asmx responds to SOAP requests and transmits database credentials in plaintext, enabling unauthenticated remote access to credentials and potential arbitrary code execution. Im...

7.5CVSS7.3AI score0.11975EPSS
Exploits0References9Affected Software1
Zero Day Initiative
Zero Day Initiative
added 2011/04/13 12:0 a.m.25 views

CA Total Defense Suite UnassignFunctionalUsers Stored Procedure SQL Injection Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the UnAssignFunctionalRoles stored procedure, accessed via the management.asmx...

10CVSS3.1AI score0.88655EPSS
Exploits12References1
Zero Day Initiative
Zero Day Initiative
added 2011/04/13 12:0 a.m.30 views

CA Total Defense Suite NonAssignedUserList Stored Procedure SQL Injection Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NonAssignedUserList stored procedure, accessed via the management.asmx...

10CVSS1.6AI score0.88655EPSS
Exploits12References1
Zero Day Initiative
Zero Day Initiative
added 2011/04/13 12:0 a.m.36 views

CA Total Defense Suite UNCWS Web Service getDBConfigSettings Credential Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA Total Defense Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the management.asmx module of the Management Web Service. This process responds...

10CVSS2.1AI score0.11975EPSS
Exploits0References1
Rows per page
Query Builder