CA SiteMinder SNMP Processing Flaw in CA Directory Component Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1026334 |
|
SecurityTracker URL: http://securitytracker.com/id/1026334
|
|
CVE Reference:
CVE-2011-3849
(Links to External Site)
|
Date: Nov 17 2011
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
|
Description:
A vulnerability was reported in CA SiteMinder. A remote user can cause denial of service conditions.
A remote user can send a specially crafted SNMP packet to cause the target service to crash.
CA Directory r12 SP1-SP7 and CA Directory 8.1 are included in this product and are affected.
nabCERT, National Australia Bank, reported this vulnerability.
|
Impact:
A remote user can cause the target service to crash.
|
Solution:
The vendor has issued a fix (CA Directory r12 SP7 CR1 and later; CA Embedded Entitlements Manager r12).
The vendor's advisory is available at:
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={286545DB-00B9-4B4C-8DE7-F00827F3CC75}
|
Vendor URL: support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={286545DB-00B9-4B4C-8DE7-F00827F3CC75} (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
Linux (Red Hat Enterprise), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (NT), Windows (2000), Windows (2003)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Wed, 16 Nov 2011 21:20:40 +0000
Subject: CA20111116-01: Security Notice for CA Directory
|
-----BEGIN PGP SIGNED MESSAGE-----
CA20111116-01: Security Notice for CA Directory
Issued: November 16, 2011
CA Technologies Support is alerting customers to a potential risk
with CA Directory. A vulnerability exists that can allow a remote
attacker to cause a denial of service condition. Remediation is
available to address the vulnerability.
The vulnerability, CVE-2011-3849, occurs due to insufficient bounds
checking. A remote attacker can send a SNMP packet that can cause a
crash.
Risk Rating
High
Platform
All
Affected Products
CA Directory r12 SP1-SP7
CA Directory 8.1
CA products that bundle CA Directory with the installation media:
CA Identity Manager
CA SiteMinder
CA Single Sign-On
CA DLP
CA Clarity PPM
CA Embedded Entitlements Manager 8.4.409 (8.4 SP4 CR09) and prior
Note: CA Embedded Entitlements Manager is distributed with the
following products:
CA Aion
CA APM
CA Asset Portfolio Management
CA Audit
CA Automation Suite for Data Centers
CA Client Automation
CA Configuration Automation
CA Directory
CA eHealth
CA Infrastructure Management
CA Introscope
CA IT Asset Manager
CA Process Automation
CA Service Catalog
CA Service Desk Manager
CA Service Metric Analysis
CA Service Operations Insight
CA Software Compliance Manager
CA User Activity Reporting Module
CA Virtual Automation
CA Virtual Automation for IM
CA Workflow
CA Workload Automation
CA Workload Control Center
Depending on how the individual product is implemented, CA Directory
may or may not be used by default when CA Embedded Entitlements
Manager is installed. If you have installed one of the products in
this list, refer to the product's installation or implementation
guide for specific details concerning CA Directory.
Non-Affected Products
CA Directory r12 SP7 CR1 and later
CA Embedded Entitlements Manager r12
How to determine if the installation is affected
CA Directory
Verify the version of dxserver by running the command
"dxserver version" on the command line. All versions prior to version
6279 are affected.
CA Embedded Entitlements Manager
See the Solution section to determine if the installation is
vulnerable.
Solution
CA Directory
For CA Directory, upgrade to SP7 CR1 (build 6279):
CA Directory Solutions & Patches
(url line wraps)
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7
bED89688A-C7A2-4FE9-85D9-1272D345A658%7d
CA Embedded Entitlements Manager
For products that include CA Embedded Entitlements Manager 8.4.409
(8.4 SP4 CR09) and prior, use the following instructions to remediate
the vulnerability:
Steps to Secure EEM Servers with Directory SNMP Vulnerability
(url line wraps)
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7
b0C234958-A014-4435-9EA9-3A39F2866D48%7d
Workaround
The vulnerability is related to CA Directory parsing of SNMP packets.
To mitigate the risk, the SNMP port can be disabled by removing the
"set snmp-port" line from the DSA's knowledge configuration section.
References
CVE-2011-3849 - CA Directory denial of service
CA20111116-01: Security Notice for CA Directory
(url line wraps)
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7
b286545DB-00B9-4B4C-8DE7-F00827F3CC75%7d
Acknowledgement
CVE-2011-3849 - nabCERT, National Australia Bank
Change History
Version 1.0: Initial Release
If additional information is required, please contact CA Technologies
Support at http://support.ca.com/
If you discover a vulnerability in CA Technologies products, please
report your findings to the CA Technologies Product Vulnerability
Response Team:
(url line wraps)
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=17
7782
Regards,
Kevin Kotas
CA Product Vulnerability Response Team
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQEVAwUBTsQmQZI1FvIeMomJAQEUeggArMki8ZvdQG4MCAq2Aqw5wBE6bFaFMoax
4oAo+E91TeOkDuh5UBXGlOj/aVmnvpw4PAFJGz5xjybrRRWBMocr7/pvGJ585WwO
f/RcKZ5i/5TBvA2beOO/A0bxgP50/g3+T7kNePVc1F9Da6spnipeBwd0rzh+ermJ
oRs2FbCJtuR1hdviqxdOAUNqCZqAcU4V1rKu5OVDgvu9uPRl6/H5vKO4ffKdzdrc
Iefcob+aSnvNqoPQfBAlrbK+nNN3bHHfKXDD6X02Y/R9n1T1YJM4jeO4CIFQGN6i
/MDJ3VKKiflxMeezJJgs3SkByAwfxfpKWj72n1kf9v/rkx/609FCUw==
=bqKd
-----END PGP SIGNATURE-----
|
|
