Full Disclosure mailing list archives
cacam_logsecurity_win32 exploit published on 20051018 by Metasploit
From: "Williams, James K" <James.Williams () ca com>
Date: Wed, 19 Oct 2005 13:36:00 -0400
FYI... CA has confirmed that the cacam_logsecurity_win32.pm exploit released on 20051018 by Metasploit targets an issue that CA had previously discovered during an internal audit. We posted patches and public advisories on August 19, 2005. References: (URLs may wrap) CA SupportConnect advisory: http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.a sp CA public advisory sent to security mailing lists, web sites: http://marc.theaimsgroup.com/?l=bugtraq&m=112475767805818&w=2 CA Security Advisor site: CAID 32919 - Computer Associates Message Queuing (CAM/CAFT) multiple vulnerabilities http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32919 CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2667 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2668 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2669 OSVDB: http://osvdb.org/18915 http://osvdb.org/18916 http://osvdb.org/18917 Metasploit exploit: http://metasploit.com/projects/Framework/exploits.html#cacam_logsecurity _win32 Note that our CAM code no longer contains a "log_security()" function. Please contact us at vuln () ca com if you have any questions or concerns. Regards, kw Ken Williams ; Dir. Vuln Research Computer Associates ; 0xE2941985 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- cacam_logsecurity_win32 exploit published on 20051018 by Metasploit Williams, James K (Oct 19)