In association with heise online

09 March 2007, 12:45

Hole provides escalated privileges in CAs eTrust Admin

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Software vendor CA has reported a vulnerability in eTrust Admin that allows users to escalate their privileges. The flaw is found in the product's GINA (Graphical Identification and Authentication) component, the log-in dialogue that users see on Windows, and its administration. According to the security report, users can apparently escalate their privileges via this interface where the password is reset. To do so, attackers do not necessarily even have to have direct access to a computer; access via remote desktop apparently also suffices. eTrust Admin 8.1 (8.1.0), SP2 (8.1.2) and SP1 (8.1.1) are affected. An update has been made available to remedy the problem.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit