| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 6 Aug 2009 19:21:34 -0400 From: "Kotas, Kevin J" <Kevin.Kotas@...com> To: <full-disclosure@...ts.grok.org.uk> Subject: CA20090806-02: Security Notice for Unicenter Asset Portfolio Management, Unicenter Desktop and Server Management, Unicenter Patch Management -----BEGIN PGP SIGNED MESSAGE----- CA20090806-02: Security Notice for Unicenter Asset Portfolio Management, Unicenter Desktop and Server Management, Unicenter Patch Management Issued: August 6, 2009 CA's technical support is alerting customers to a security risk with Unicenter Asset Portfolio Management, Unicenter Desktop and Server Management, and Unicenter Patch Management. The release of Tomcat as included with the products is potentially susceptible to a cross-site scripting vulnerability. CA has issued a solution to address the issue. Risk Rating Medium Platform Windows Affected Products Unicenter Asset Portfolio Management 11.3 Unicenter Asset Portfolio Management 11.3.4 Unicenter Desktop and Server Management 11.2 Unicenter Patch Management 11.2 How to determine if the installation is affected Customers can use the following technical documents to determine if an installation is affected. Unicenter Asset Portfolio Management: TEC492816 Unicenter Desktop and Server Management: TEC491323 Unicenter Patch Management: TEC491323 Solution Unicenter Asset Portfolio Management: Follow the instructions in solution document RI09916. Unicenter Desktop and Server Management, Unicenter Patch Management: Follow the instructions in technical document TEC491323. References CVE-2008-1232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1232 CA20090806-02: Security Notice for Unicenter Asset Portfolio Management, Unicenter Desktop and Server Management, Unicenter Patch Management (line may wrap) https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=21 4095 Change History Version 1.0: Initial Release If additional information is required, please contact CA Support at http://support.ca.com/ If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team. (line may wrap) https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=17 7782 Kevin Kotas CA Product Vulnerability Response Team -----BEGIN PGP SIGNATURE----- Version: PGP 8.1 iQEVAwUBSnti5pI1FvIeMomJAQFM0Qf/WnAvDpjlC+thQqPIJEaBUI5TBYoroLku dM/q10Xk54htqtNMEnbrNVZvIYStdcEpQe2SuW+0rSI3U1Pv5Bkn/ofrbv7muYGk hKQHfcliXLsjTuEq8aSSgmHVeMBwQ/Vwfnv5DClgrJ2LeW/J4uhG3g1NlB0gpTSw MkfOAc+4fyl0DHvHpDvUBNZCAATeTOijStW4orTJulcl+TyO6pkx1aDjfQb0sIL0 B3xlG7CjMJxisV63fJpgeUTV6pBRf0w9cqj5nAaIGsAKtZXjWzfwKWdLxU794JUa nDFDWBWgt1aDLH99PWH3lPjYgM8z/Bfe+FqBhHV/j0cqyosb7rYdag== =2uwe -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists