Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-9795

EPSS 0.07% · P21
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2016-9795

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE 5.8.2 and 5.9; CA Systems Performance for Infrastructure Managers 12.8 and 12.9; CA Universal Job Management Agent 11.2; CA Virtual Assurance for Infrastructure Managers 12.8 and 12.9; CA Workload Automation AE 11, 11.3, 11.3.5, and 11.3.6 on AIX, HP-UX, Linux, and Solaris allows local users to modify arbitrary files and consequently gain root privileges via vectors related to insufficient validation.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款CA产品CA Common Services安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
CA Client Automation等都是美国CA公司的产品。CA Client Automation是一套自动化和远程客户端管理工具。CA Network and Systems Management是一套企业管理系统。CA Common Services是其中的一个在Unix/Linux平台上绑定的通用服务。 基于AIX、HP-UX、Linux和Solaris平台的多款CA产品中使用的CA Common Services存在安全漏洞。本地攻击者可利用该漏洞更改任意文件,获取root权限。以下产品和
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2016-9795

#POC DescriptionSource LinkShenlong Link
1Revisited CVE-2016-9795 privilege escalation (casrvc binary from CA Common Services suite)https://github.com/blogresponder/CA-Common-Services-privilege-escalation-cve-2016-9795-revisitedPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2016-9795

Please Login to view more intelligence information

Same Patch Batch · n/a · 2017-01-27 · 35 CVEs total

CVE-2016-3996Samsung KNOX 安全漏洞
CVE-2017-3386Oracle E-Business Suite 安全漏洞
CVE-2017-3397Oracle E-Business Suite 安全漏洞
CVE-2017-3413Oracle E-Business Suite 安全漏洞
CVE-2017-5328Palo Alto Networks Terminal Services Agent 安全漏洞
CVE-2017-5329Palo Alto Networks Terminal Services Agent 权限许可和访问控制问题漏洞
CVE-2017-5601libarchive 安全漏洞
CVE-2016-1919Samsung KNOX 安全漏洞
CVE-2016-1920Samsung KNOX 信息泄露漏洞
CVE-2017-3368Oracle E-Business Suite Oracle iStore 安全漏洞
CVE-2016-5822Huawei OceanStor 5800 拒绝服务漏洞
CVE-2016-10002Squid HTTP proxy 信息泄露漏洞
CVE-2016-10003Squid HTTP proxy 信息泄露漏洞
CVE-2016-9448Silicon Graphics LibTIFF 拒绝服务漏洞
CVE-2016-9453Silicon Graphics LibTIFF 拒绝服务漏洞
CVE-2017-5598eClinicalWorks healow@work SQL注入漏洞
CVE-2017-5599eClinicalWorks Patient Portal 跨站脚本漏洞
CVE-2016-9634GStreamer Good Plug-ins 缓冲区溢出漏洞
CVE-2016-5824libical 代码问题漏洞
CVE-2016-5825libical 安全漏洞

Showing top 20 of 35 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2016-9795

No comments yet

Leave a comment