----------------------------------------------------------------------

Want a new job?

http://secunia.com/secunia_security_specialist/
http://secunia.com/hardcore_disassembler_and_reverse_engineer/

International Partner Manager - Project Sales in the IT-Security
Industry:
http://corporate.secunia.com/about_secunia/64/

----------------------------------------------------------------------

TITLE:
CA Products Ingres Multiple Vulnerabilities

SECUNIA ADVISORY ID:
SA31398

VERIFY ADVISORY:
http://secunia.com/advisories/31398/

CRITICAL:
Less critical

IMPACT:
Privilege escalation

WHERE:
Local system

SOFTWARE:
eTrust Directory 8.x
http://secunia.com/product/7114/
CA Unicenter Software Delivery 11.x
http://secunia.com/product/7120/
CA Unicenter ServicePlus Service Desk 6.x
http://secunia.com/product/1684/
CA Unicenter ServicePlus Service Desk 11.x
http://secunia.com/product/14602/
CA Unicenter Service Metric Analysis 11.x
http://secunia.com/product/7126/
CA Unicenter Service Catalog 11.x
http://secunia.com/product/7129/
CA Unicenter Remote Control 11.x
http://secunia.com/product/14596/
CA Unicenter Network and Systems Management (NSM) 3.x
http://secunia.com/product/1683/
CA Unicenter Network and Systems Management (NSM) 11.x
http://secunia.com/product/14437/
CA Unicenter Job Management Option 11.x
http://secunia.com/product/14592/
CA Unicenter Asset Management 11.x
http://secunia.com/product/14589/
CA eTrust Audit 8.x
http://secunia.com/product/5912/
CA eTrust Admin 8.x
http://secunia.com/product/5584/
CA CleverPath Aion 10.x
http://secunia.com/product/5582/
CA AllFusion Harvest Change Manager 7.x
http://secunia.com/product/5905/
CA Advantage Data Transformer 2.x
http://secunia.com/product/5904/
BrightStor ARCserve Backup 11.x
http://secunia.com/product/312/
CA Single Sign-On 8.x
http://secunia.com/product/19466/
CA Embedded Entitlements Manager 8.x
http://secunia.com/product/14582/
CA Identity Manager 12.x
http://secunia.com/product/19467/
CA Unicenter Workload Control Center 11.x
http://secunia.com/product/19468/

DESCRIPTION:
Some vulnerabilities have been reported in CA products, which can be
exploited by malicious, local users to gain escalated privileges.

For more information:
SA31357

NOTE: The vulnerabilities do not affect Windows-based Ingres
installations.

The vulnerabilities are reported in the following products and
versions:
* Admin r8.1 SP2
* Advantage Data Transformer r2.2
* Allfusion Harvest Change Manager r7.1
* CA ARCserve Backup for Unix r11.1, r11.5 GA/SP1/SP2/SP3
* CA ARCserve Backup for Linux r11.1, r11.5 GA/SP1/SP2/SP3
* CA Directory r8.1
* CA Job Management Option R11.0
* CA Single Sign-On r8.1
* CleverPath Aion BPM r10.1, r10.2
* EEM 8.1, 8.2, 8.2.1
* eTrust Audit/SCC 8.0 sp2
* Identity Manager r12
* NSM 3.0 0305, 3.1 0403, r3.1 SP1 0703, r11
* Unicenter Asset Management r11.1, r11.2
* Unicenter Remote Control r11.2
* Unicenter Service Catalog r2.2, r11.1
* Unicenter Service Metric Analysis r11.1
* Unicenter ServicePlus Service Desk 6.0, r11, r11.1, r11.2
* Unicenter Software Delivery r11.1, r11.2
* Unicenter Workload Control Center r11

SOLUTION:
Apply patches (please see vendor advisory for details).

PROVIDED AND/OR DISCOVERED BY:
The vendor credits iDefense Labs.

ORIGINAL ADVISORY:
CA:
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181989

OTHER REFERENCES:
SA31357:
http://secunia.com/advisories/31357/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------