CVE-2011-3011 Information

Description

BaseServiceImpl.class in CA ARCserve D2D r15 does not properly handle sessions which allows remote attackers to obtain credentials and consequently execute arbitrary commands via unspecified vectors.

Reference

http://securityreason.com/securityalert/8338 http://www.securityfocus.com/archive/1/519234/100/0/threaded http://www.securityfocus.com/bid/48897 https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=7D3ACC0F-6C01-4BE2-B5C0-C430CEB45BE6