Computer Associates XCOM Data Transport Remote Arbitrary Command Execution Vulnerability

Release date: 2012-12-05
Updated: 2012-12-07

Affected systems:
    CA XCOM Data Transport r11.5
    CA XCOM Data Transport r11.0

Unaffected systems:
    CA XCOM Data Transport r11.6

Description:
--------------------------------------------------------------------------------
BUGTRAQ ID: 56824
CVE(CAN) ID: CVE-2012-5973

Computer Associates XCOM Data Transport is a multi-platform, multi-protocol, secure data transfer solution.

CA XCOM Data Transport r11.5 and CA XCOM Data Transport r11.0 on Unix and Linux platforms contain a security vulnerability in the way requests are validated. A remote attacker can use a crafted request to execute arbitrary commands.

<*Source: Jurgens van der Merwe

Links: http://seclists.org/fulldisclosure/2012/Dec/87
       https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={3%2058F44CA-6354-4427-9088-C57138E9EE11
*>

Recommendations:
--------------------------------------------------------------------------------
Temporary workaround:

In the xcom.glb file, set the CA XCOM global parameter to "XENDCMD=".

Vendor patch:

CA
--
The vendor has released upgrade patches that fix this security issue. Download the following patches from the vendor's home page:

http://support.ca.com/

The following Linux and Unix platform versions are affected. The patch number for each version is listed next to its service pack level.

CA XCOM Data Transport r11.5:
    CA XCOM Data Transport for Linux PC: SP00 - RO52253
    CA XCOM Data Transport for HP/UX: SP00 - RO52259
    CA XCOM Data Transport for HP-UX IA64: SP00 - RO52261

CA XCOM Data Transport r11.0:
    CA XCOM Data Transport for AIX: SP02 - RO52265, SP01 - RO52264
    CA XCOM Data Transport for AIX Brixton: SP02 - RO52265, SP01 - RO52264
    CA XCOM Data Transport for Digital UNIX: SP01 - RO52257
    CA XCOM Data Transport for HP/UX: SP02 - RO52258, SP01 - RO52587
    CA XCOM Data Transport for HP-UX IA64: SP02 - RO52260
    CA XCOM Data Transport for Linux PC: SP01 - RO52252
    CA XCOM Data Transport for Linux zSeries: SP01 - RO52254
    CA XCOM Data Transport for NCR UNIX MP-RAS: SP01 - RO52256
    CA XCOM Data Transport for SCO OpenServer: SP01 - RO52266
    CA XCOM Data Transport for SCO UnixWare: SP01 - RO52269
    CA XCOM Data Transport for Sun Solaris Brixton: SP02 - RO52268, SP01 - RO52267
    CA XCOM Data Transport for Sun Solaris Operating System: SP02 - RO52268, SP01 - RO52267
    CA XCOM Data Transport for Sun Solaris X86: SP01 - RO52255

Unaffected versions:

CA XCOM Data Transport r11.6 on all Linux and Unix platforms.

All versions of CA XCOM Data Transport for non-Linux and non-UNIX platforms, which include:
    CA XCOM Data Transport for AS/400 i5/OS
    CA XCOM Data Transport for AS/400 i5/OS CISC
    CA XCOM Data Transport for HP NonStop
    CA XCOM Data Transport for HP NonStop IA64
    CA XCOM Data Transport for LAN Server NetWare
    CA XCOM Data Transport for LAN Workstation for OS/2
    CA XCOM Data Transport for LAN Workstation for Windows
    CA XCOM Data Transport for OpenVMS
    CA XCOM Data Transport for OpenVMS Alpha
    CA XCOM Data Transport for OpenVMS I64
    CA XCOM Data Transport for OpenVMS VAX
    CA XCOM Data Transport for OS/2 Workstation
    CA XCOM Data Transport for PC-DOS Workstation
    CA XCOM Data Transport for Stratus CISC
    CA XCOM Data Transport for Stratus Continuum
    CA XCOM Data Transport for Stratus RISC
    CA XCOM Data Transport for VAX
    CA XCOM Data Transport for Windows Family Professional
    CA XCOM Data Transport for Windows Family Server
    CA XCOM Data Transport for z/OS
    CA XCOM Data Transport for z/VM
    CA XCOM Data Transport for z/VSE
    CA XCOM Data Transport for z/VSE CICS
    CA XCOM Data Transport Gateway
    CA XCOM Data Transport Management Center
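
A check for the temporary workaround named in this advisory, as an added example that is not part of the original advisory or of CA's tooling: it reports whether XENDCMD is set to an empty value in a given xcom.glb. The one-parameter-per-line NAME=VALUE layout, '#' comment lines and the function name check_xendcmd are assumptions; the file path is passed in because the advisory does not give one.

```shell
#!/bin/sh
# Added example: audit an xcom.glb file for the XENDCMD= workaround.
# Assumptions (not from the advisory): one NAME=VALUE parameter per line,
# lines starting with '#' are comments, parameter names are upper case.

# check_xendcmd FILE
# Prints: applied | not-applied | absent | unreadable
# Exit status: 0 = applied, 1 = not applied or absent, 2 = unreadable
check_xendcmd() {
    glb=$1
    if [ ! -r "$glb" ]; then
        echo "unreadable"
        return 2
    fi
    # Every active XENDCMD line is inspected. Because precedence between
    # repeated definitions is unknown here, any non-empty value is flagged.
    result=$(awk '
        { sub(/\r$/, "") }                 # tolerate CRLF line endings
        /^[ \t]*#/ { next }                # skip commented-out lines
        /^[ \t]*XENDCMD[ \t]*=/ {
            sub(/^[ \t]*XENDCMD[ \t]*=[ \t]*/, "")
            sub(/[ \t]+$/, "")
            found = 1
            if ($0 != "") nonempty = 1
        }
        END {
            if (!found)        print "absent"
            else if (nonempty) print "not-applied"
            else               print "applied"
        }' "$glb")
    echo "$result"
    [ "$result" = "applied" ]
}

# Stand-alone use: sh script.sh /path/to/xcom.glb
if [ "$#" -gt 0 ]; then
    check_xendcmd "$1"
fi
```

A result of "absent" means the parameter is not set in the file at all, so the product default applies and the workaround has not been made explicit.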