多个CA服务管理产品未明远程命令执行漏洞

BUGTRAQ ID: 33161 CVE ID：CVE-2009-0043 CNCVE ID：CNCVE-20090043 CA Service Metric Analysis和CA Service Level Management包含漏洞，允许远程攻击者执行任意命令。 问题是不充分限制对smmsnmpd服务的访问，远程攻击者可以利用漏洞以此服务上下文执行任意命令。 目前没有详细漏洞细节提供。 CA Service Metric Analysis 11.1 SP1 CA Service Metric Analysis 11.1 CA Service Metric Analysis 11.0 CA Service Level Management 3.5 厂商解决方案 可参考如下补丁： CA Service Metric Analysis 11.1 SP1 CA RO04667 <a href=https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=sear target=_blank rel=external nofollow>https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=sear</a> ch&amp;searchID=RO04667 CA Service Level Management 3.5 CA RO04649 <a href=https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=sear target=_blank rel=external nofollow>https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=sear</a> ch&amp;searchID=RO04649 CA Service Metric Analysis 11.1 CA RO04667 <a href=https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=sear target=_blank rel=external nofollow>https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=sear</a> ch&amp;searchID=RO04667 CA Service Metric Analysis 11.0 CA RO04653 <a href=https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=sear target=_blank rel=external nofollow>https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=sear</a> ch&amp;searchID=RO04653