NAI Net Tools PKI Server XUDA Template Absolute Pathnames
Remote / Network Access
Loss of Integrity
Net Tools PKI Server contains a flaw that may allow an attacker to gain access to the system hosting the Enrollment and/or Administrative Web server. The issue is due to a flaw in the way the server handles XUDA (Xcert Universal Database API) templates without referencing absolute pathnames.
Currently, there are no known workarounds or upgrades to correct this issue. However, Network Associates has released a patch to address this vulnerability.