Computer Associates eTrust Admin GINA Module Unspecified Privilege Escalation Vulnerability

Bugtraq ID:	22885
Class:	Unknown
CVE:	CVE-2007-1345
Remote:	Yes
Local:	Yes
Published:	Mar 08 2007 12:00AM
Updated:	Mar 09 2007 04:55PM
Credit:	The vendor disclosed this vulnerability.
Vulnerable:	Computer Associates eTrust Admin 8.1.2 SP2 Computer Associates eTrust Admin 8.1.1 SP2 Computer Associates eTrust Admin 8.1
Not Vulnerable:

Computer Associates eTrust Admin GINA Module Unspecified Privilege Escalation Vulnerability

Computer Associates eTrust Admin is prone to an unspecified privilege-escalation vulnerability.

An attacker can exploit this issue to obtain administrative privileges. A successful attack can result in the compromise in the context of the affected application.

Computer Associates eTrust Admin versions 8.1 SP2 ver 8.1.2, 8.1.1, and 8.1.0 are vulnerable to this issue.

Computer Associates eTrust Admin GINA Module Unspecified Privilege Escalation Vulnerability

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Computer Associates eTrust Admin GINA Module Unspecified Privilege Escalation Vulnerability

Solution:
The vendor has released updates to address this issue. Please see the references for more information.

Computer Associates eTrust Admin GINA Module Unspecified Privilege Escalation Vulnerability

References:

• 35145 CA eTrust Admin Privilege Escalation Vulnerability (Computer Associates)
  
• Computer Associates Homepage (Computer Associates)
  
• [CAID 35145]: CA eTrust Admin Privilege Escalation Vulnerability (CA)
  
• Security Notice for CA eTrust Admin GINA (Computer Associates)