The Cisco NX-OS CDPD daemon is vulnerable to a buffer overflow attack. This bug can be exploited remotely. The attack must be launched from the same local network as the target host.
A vulnerability in the html2text library's use of preg_replace with the eval switch allows remote attackers to execute arbitrary code.
An internal memory buffer may be overrun while handling long "MKD" commands. This condition may be exploited by attackers to ultimately execute instructions with the privileges of the CesarFTP process. The CesarFTP server will be left inaccessible after successful exploitation.
This module exploits a remote stack-based buffer overflow in CA XOsoft Control Service by passing overly long arguments to the entry_point.aspx login page. Authentication is not required for this exploit to work.
The UNCWS Web Service component of CA Total Defense listens for SOAP requests. The UnAssignAdminUsers method makes use of the uncsp_UnassignAdminRoles stored procedure, which is vulnerable to SQL Injection. A remote unauthenticated attacker can exploit this to execute arbitrary code on a vulnerable machine with SYSTEM privileges.
The UNCWS Web Service component of CA Total Defense listens for SOAP requests. A remote unauthenticated attacker can invoke the getDBConfigSettings method, and the Web Service will answer with the server's database credentials. Once the credentials are captured, a remote attacker can connect to the database and execute arbitrary code in the context of the database administrator.
The UNCWS Web Service component of CA Total Defense listens for SOAP requests. The exportReport method makes use of the uncsp_GenerateReports_Dashboard stored procedure, which is vulnerable to SQL Injection. A remote unauthenticated attacker can exploit this to execute arbitrary code on a vulnerable machine with SYSTEM privileges.
The UNCWS Web Service component of CA Total Defense listens for SOAP requests. The DeleteReports method makes use of the uncsp_DeleteReports stored procedure, which is vulnerable to SQL Injection. A remote unauthenticated attacker can exploit this to execute arbitrary code on a vulnerable machine with SYSTEM privileges.
The UNCWS Web Service component of CA Total Defense listens for SOAP requests. The deleteReportFilter method makes use of the uncsp_DeleteFilter stored procedure, which is vulnerable to SQL Injection. A remote unauthenticated attacker can exploit this to execute arbitrary code on a vulnerable machine with SYSTEM privileges.
The CA iGateway component contains a buffer overflow vulnerability due to improper bounds checking on HTTP GET requests when debug mode is enabled.