Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-disclosure] [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical

from [Williams, James K] Network Security [Permanent Link]
Subject: [Full-disclosure] [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities
Date: Wed, 26 Sep 2007 22:38:48 -0400 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical 
Storage Manager CsAgent Multiple Vulnerabilities

CA Vuln ID (CAID): 35690, 35691, 35692

CA Advisory Date: 2007-09-26

Reported By: Sean Larsson, iDefense Labs
             anonymous researcher working with the iDefense VCP
             Aaron Portnoy of DV Labs (dvlabs.tippingpoint.com)

Impact: A remote attacker can execute arbitrary code or cause a 
denial of service condition.

Summary: Multiple vulnerabilities exist in the CsAgent service 
that can allow a remote attacker to execute arbitrary code or 
cause a denial of service condition. The first set of 
vulnerabilities, CVE-2007-5082, occur due to insufficient bounds 
checking in multiple CsAgent service commands. The second set of 
vulnerabilities, CVE-2007-5083, occur due to insufficient 
validation of integer values in multiple CsAgent service commands, 
which can lead to buffer overflow. The third set of 
vulnerabilities, CVE-2007-5084, occur due to insufficient 
validation of strings used in SQL statements in multiple CsAgent 
service commands.

Mitigating Factors:
None

Severity: CA has given these vulnerabilities a maximum risk rating 
of High.

Affected Products:
CA BrightStor Hierarchical Storage Manager r11.5

Affected Platforms:
Windows

Status and Recommendation:
CA has provided an update to address the vulnerabilities. Upgrade 
to BrightStor Hierarchical Storage Manager r11.6.
BrightStor Hierarchical Storage Manager r11.6:
http://supportconnectw.ca.com/premium/bstorhsm/downloads/BHSMr11_6.zip

How to determine if you are affected:
Run the BrightStor HSM Administrator GUI and open Help->About from 
the toolbar to view the version. If the version is less than 11.6, 
the installation is vulnerable.

Workaround: None

References (URLs may wrap):
CA SupportConnect:
http://supportconnect.ca.com/
CA BrightStor Hierarchical Storage Manager CsAgent Security Notice
http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp
Solution Document Reference APARs:
n/a
CA Security Advisor posting:
CA BrightStor Hierarchical Storage Manager CsAgent Multiple 
Vulnerabilities
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156444
CA Vuln ID (CAID): 35690, 35691, 35692
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35691
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692
Reported By: Sean Larsson, iDefense Labs; an anonymous researcher 
working with the iDefense VCP; Aaron Portnoy of DV Labs 
(dvlabs.tippingpoint.com)
iDefense advisory:
http://labs.idefense.com/intelligence/vulnerabilities/
ZDI advisory:
http://www.zerodayinitiative.com/advisories.html
CVE References:
CVE-2007-5082, CVE-2007-5083, CVE-2007-5084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5084
OSVDB References: Pending
http://osvdb.org/

Changelog for this advisory:
v1.0 - Initial Release

Customers who require additional information should contact CA
Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory, 
please send email to vuln AT ca DOT com.

If you discover a vulnerability in CA products, please report your
findings to vuln AT ca DOT com, or utilize our "Submit a 
Vulnerability" form. 
URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx


Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research

CA, 1 CA Plaza, Islandia, NY 11749
        
Contact http://www.ca.com/us/contact/
Legal Notice http://www.ca.com/us/legal/
Privacy Policy http://www.ca.com/us/privacy/
Copyright (c) 2007 CA. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.3 (Build 5003)

wj8DBQFG+xexeSWR3+KUGYURAhk7AJ4tVOI2ScNc4AP1REiLPOLDs18jMACfYZOR
RDyFmECjbqcPvM49/5mZyJw=
=JLTp
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-disclosure] [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities, Williams, James K <=
Previous by Date:  [Full-disclosure] New RFID Mail list and project, audit
Next by Date:  Re: [Full-disclosure] CAT6500 accessible via 127.0.0.x loopback addresses, Ilker Temir
Previous by Thread:  [Full-disclosure] New RFID Mail list and project, audit
Next by Thread:  Re: [Full-disclosure] CAT6500 accessible via 127.0.0.x loopback addresses, Ilker Temir
Indexes:  [Date] [Thread] [Top] [All Lists]