Published: 22/09/2006 Updated: 09/04/2021

CVSS v2 Base Score: 5.5 | Impact Score: 4.9 | Exploitability Score: 8

VMScore: 555

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:P

Subscribe to Etrust Security Command Center

Directory traversal vulnerability in Computer Associates (CA) eTrust Security Command Center 1.0 and r8 up to SP1 CR2, allows remote authenticated users to read and delete arbitrary files via ".." sequences in the eSCCAdHocHtmlFile parameter to eSMPAuditServlet, which is not properly handled by the getadhochtml function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
broadcom etrust security command center 8

source: wwwsecurityfocuscom/bid/20139/info CA eTrust Security Command Center (eSCC) and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a replay issue These vulnerabilities occur because the software fails to validate user input and because of desi ...

NVD-CWE-Other http://users.tpg.com.au/adsl2dvp/advisories/200608-computerassociates.txt http://www3.ca.com/securityadvisor/blogs/posting.aspx?id=90744&pid=93243&date=2006/9 http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34617 http://www.osvdb.org/29010 http://secunia.com/advisories/22023 http://www.securityfocus.com/bid/20139 http://securitytracker.com/id?1016910 http://www.vupen.com/english/advisories/2006/3738 https://exchange.xforce.ibmcloud.com/vulnerabilities/29104 http://www.securityfocus.com/archive/1/446716/100/0/threaded http://www.securityfocus.com/archive/1/446611/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/28641/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-4900

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect