Directory traversal vulnerability in the Heartbeat Web Service in CA.Itm.Server.ManagementWS.dll in the Management Server in CA Total Defense (TD) r12 before SE2 allows remote attackers to execute arbitrary code via directory traversal sequences in the GUID parameter in an upload request to FileUploadHandler.ashx.
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
| Link | Tags |
|---|---|
| http://secunia.com/advisories/44097 | third party advisory, vendor advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/66726 | vdb entry |
| http://www.vupen.com/english/advisories/2011/0977 | vdb entry, vendor advisory |
| http://securitytracker.com/id?1025353 | vdb entry |
| https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BCD065CEC-AFE2-4D9D-8E0B-BE7F6E345866%7D | |
| http://www.securityfocus.com/bid/47357 | vdb entry |
| http://www.securityfocus.com/archive/1/517488/100/0/threaded | mailing list |
| http://www.zerodayinitiative.com/advisories/ZDI-11-126/ | |
| http://www.securityfocus.com/archive/1/517494/100/0/threaded | mailing list |