Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server

from [Williams, James K] Network Security [Permanent Link]
Subject: [CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability
Date: Fri, 19 Oct 2007 09:49:11 -0400 

Title: [CAID 35754]: CA Host-Based Intrusion Prevention System 
(CA HIPS) Server Vulnerability

CA Vuln ID (CAID): 35754

CA Advisory Date: 2007-10-18

Reported By: David Maciejak

Impact: A remote attacker can take unauthorized administrative 
action.

Summary: CA Host-Based Intrusion Prevention System (CA HIPS) 
contains a vulnerability in the Server installation that can allow 
a remote attacker to take unauthorized administrative action. The 
vulnerability, CVE-2007-5472, occurs due to raw request data being 
displayed in the log when viewed by a browser. Note: The client 
installation is not vulnerable.

Mitigating Factors: The client installation is not vulnerable.

Severity: CA has given these vulnerabilities a maximum risk rating 
of Medium.

Affected Products:
CA Host-Based Intrusion Prevention System (CA HIPS) r8

Affected Platforms:
Windows

Status and Recommendation:
CA has issued the following patch to address the vulnerabilities.
CA Host-Based Intrusion Prevention System (CA HIPS) r8: QO91494

How to determine if you are affected:
1. Log in to the HIPS Administration Console.
2. Scroll down to the end of the Main page.
3. Press the "About" link on the right bottom side of the page.
4. Check the version. If the version is less than 8.0.0.93, the 
   installation is vulnerable.

Workaround: None

References (URLs may wrap):
CA SupportConnect:
http://supportconnect.ca.com/
Security Notice for CA Host-Based Intrusion Prevention System 
(CA HIPS) Server
http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp
Solution Document Reference APARs:
QO91494
CA Security Advisor posting:
CA Host-Based Intrusion Prevention System (CA HIPS) Server 
Vulnerability
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=158327
CA Vuln ID (CAID): 35754
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35754
Reported By: 
David Maciejak
CVE References:
CVE-2007-5472 - log content injection
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5472
OSVDB References: Pending
http://osvdb.org/

Changelog for this advisory:
v1.0 - Initial Release

Customers who require additional information should contact CA
Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory, 
please send email to vuln AT ca DOT com.

If you discover a vulnerability in CA products, please report your
findings to vuln AT ca DOT com, or utilize our "Submit a 
Vulnerability" form. 
URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx


Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research

CA, 1 CA Plaza, Islandia, NY 11749
        
Contact http://www.ca.com/us/contact/
Legal Notice http://www.ca.com/us/legal/
Privacy Policy http://www.ca.com/us/privacy/
Copyright (c) 2007 CA. All rights reserved.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability, Williams, James K <=
Previous by Date:  A-Cart SQL Injection And Cross-Site Scripting, [ NO REPLY ]
Next by Date:  [Aria-Security.Net] SearchSimon Lite Cross-Site Scripting Vuln., [ NO REPLY ]
Previous by Thread:  A-Cart SQL Injection And Cross-Site Scripting, [ NO REPLY ]
Next by Thread:  [Aria-Security.Net] SearchSimon Lite Cross-Site Scripting Vuln., [ NO REPLY ]
Indexes:  [Date] [Thread] [Top] [All Lists]