You know the drill: pause and patch to prevent p0wnage
IT shops running CA Technologies' Unified Infrastructure Management (UMI) – formerly CA Nimsoft – need to run patches for three vulnerabilities, one remotely exploitable. CA bought Nimsoft in 2010 to get its hands on the “single pane of glass” monitoring system, covering servers, networks, storage, and databases. The most serious bug turned up by Trend Micro's Zero Day Initiative and “rgod” is a directory traversal bug (CVE-2016-5803) in the download_lar servlet. ZDI's note is here. ...