PDA

Visualizza versione completa : Donna's: CA Portal Technology Session Handling Vulnerability


Giorgius
22-12-2006, 01.20.12
A vulnerability has been reported in CA's Portal technology, which potentially can be exploited by malicious users to bypass certain security restrictions. The problem is that when multiple Portal servers share a common data source, a malicious user may be be able to inherit the session and security authentication of another user from a different Portal server...

Leggi: http://msmvps.com/blogs/donna/archive/2006/12/20/ca-portal-technology-session-handling-vulnerability-ca-anti-virus-vetfddnt-sys-and-vetmonnt-sys-local-dos-vulnerabilities.aspx